
We found results for “”
WS-2020-0125
Good to know:

Date: August 19, 2025
django-sendfile2 currently relies on the backend to correctly limit file paths to SENDFILE_ROOT. This is not the case for the simple and development backends, it is also not necessarily the case for any of the other backends either (it's just an assumption that was made by the original author).
Language: Python
Severity Score
Related Resources (4)
Severity Score
Weakness Type (CWE)
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | CHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | NONE |
Availability (A): | NONE |