Oval Definition:oval:org.opensuse.security:def:202024583
Revision Date:2022-06-30Version:1
Title:CVE-2020-24583
Description:

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used). FILE_UPLOAD_DIRECTORY_PERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level collected static directories when using the collectstatic management command.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2020-24583
SUSE CVE-2020-24583
Platform(s):openSUSE Tumbleweed
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • python36-Django-3.2.7-2.3 is installed
  • OR python38-Django-3.2.7-2.3 is installed
  • OR python39-Django-3.2.7-2.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND python-Django is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Django is not affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1 is not affected
    • BACK