CVE-2022-36359 – An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 …

3 August 2022

Vuln ID: CVE-2022-36359

Published: 2022-08-03 14:15:08Z

Description: An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.

Source: NVD.NIST.GOV

Date:

3 August 2022

Categorie(s):

NVD

Tag(s):

NVD

Integrated Residential Security Solutions to Employ in 202426 April 2024
Five ways security leaders can demonstrate the business value of cybersecurity26 April 2024
UK’s Investigatory Powers Bill to become law despite tech world opposition26 April 2024
Dropbox adds end-to-end encryption for team folders26 April 2024
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates26 April 2024