mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00

Fixed CVE-2025-59682 -- Fixed potential partial directory-traversal via archive.extract().

Thanks stackered for the report.

Follow up to 05413afa8c.
This commit is contained in:
Sarah Boyce
2025-09-16 17:13:36 +02:00
committed by Jacob Walls
parent 41b43c74bd
commit 924a0c092e
5 changed files with 48 additions and 1 deletion


@@ -15,3 +15,11 @@ CVE-2025-59681: Potential SQL injection in ``QuerySet.annotate()``, ``alias()``,
to SQL injection in column aliases, using a suitably crafted dictionary, with
dictionary expansion, as the ``**kwargs`` passed to these methods (follow up to
:cve:`2022-28346`).
CVE-2025-59682: Potential partial directory-traversal via ``archive.extract()``
===============================================================================
The ``django.utils.archive.extract()`` function, used by
:option:`startapp --template` and :option:`startproject --template`, allowed
partial directory-traversal via an archive with file paths sharing a common
prefix with the target directory (follow up to :cve:`2021-3281`).
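Review bot: the hunk header advertises 11 new-side lines (`+15,11`) but only 9 are visible here, so the blank lines the RST source needs around the new title have been dropped by the renderer; confirm in the source file that a blank line separates the paragraph ending `:cve:`2022-28346`).` from `CVE-2025-59682: Potential partial directory-traversal via ``archive.extract()``` and another follows the `=` underline, because a section title placed directly against a paragraph does not parse as a title and the whole entry would render as body text.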


@@ -15,3 +15,11 @@ CVE-2025-59681: Potential SQL injection in ``QuerySet.annotate()``, ``alias()``,
to SQL injection in column aliases, using a suitably crafted dictionary, with
dictionary expansion, as the ``**kwargs`` passed to these methods (follow up to
:cve:`2022-28346`).
CVE-2025-59682: Potential partial directory-traversal via ``archive.extract()``
===============================================================================
The ``django.utils.archive.extract()`` function, used by
:option:`startapp --template` and :option:`startproject --template`, allowed
partial directory-traversal via an archive with file paths sharing a common
prefix with the target directory (follow up to :cve:`2021-3281`).


@@ -17,6 +17,14 @@ to SQL injection in column aliases, using a suitably crafted dictionary, with
dictionary expansion, as the ``**kwargs`` passed to these methods (follow up to
:cve:`2022-28346`).
CVE-2025-59682: Potential partial directory-traversal via ``archive.extract()``
===============================================================================
The ``django.utils.archive.extract()`` function, used by
:option:`startapp --template` and :option:`startproject --template`, allowed
partial directory-traversal via an archive with file paths sharing a common
prefix with the target directory (follow up to :cve:`2021-3281`).
Bugfixes
========
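Review bot: "file paths sharing a common prefix with the target directory" is ambiguous for readers deciding whether they were affected; "common prefix" here means a plain string prefix rather than a shared leading path component, which is what makes the traversal "partial" (a location whose name merely extends the target directory's name, rather than an arbitrary path). Suggest rewording to "archive member paths whose absolute path starts with the target directory's path as a string prefix, not necessarily as a path component", and keep that wording identical across the three release-note files touched by this commit so the backported entries do not drift.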