CVE-2021-28658 vulnerability in Django Project and Other Products
Published on April 6, 2021

In Django 2.2 before 2.2.20, 3.0 before 3.0.14, and 3.1 before 3.1.8, MultiPartParser allowed directory traversal via uploaded files with suitably crafted file names. Built-in upload handlers were not affected by this vulnerability.

Vendor Advisory NVD

Products Associated with CVE-2021-28658

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-28658 are published in these products:

Django Project Django

Debian Linux

Fedora Project Fedora

Exploit Probability

EPSS

1.51%

Percentile

80.97%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2021-28658 vulnerability in Django Project and Other ProductsPublished on April 6, 2021

Products Associated with CVE-2021-28658

Exploit Probability

CVE-2021-28658 vulnerability in Django Project and Other Products
Published on April 6, 2021