GHSA-8x94-hmjh-97hq: Django 3.2 before 3.2.15 and 4.0 before 4.0.7 vulnerable to Reflected File Download attack
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2022-36359
High severity GitHub Reviewed Published Aug 11, 2022 • Updated Aug 11, 2022
Affected versions
>= 3.2, < 3.2.15
>= 4.0, < 4.0.7
Patched versions
3.2.15
4.0.7
Description
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input.
Related news
- Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is derived from user-supplied input. Versions 2.2.3 and 3.0.4 contain patches for this issue.
- Ubuntu Security Notice 5549-1 - It was discovered that Django incorrectly handled certain FileResponse objects. An attacker could possibly use this issue to expose sensitive information or gain access to a user's machine.
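As an added example (not Django's own code and not part of this advisory), the helper below shows one way an application can stop a request-supplied filename from shaping the Content-Disposition header: the name is reduced to a server-controlled ASCII token with an allow-listed extension before it is handed to FileResponse's filename argument, and the finished header value is checked against the shape the server intends. The allow-list, helper names and sample inputs are assumptions.

```python
import re
import unicodedata
from urllib.parse import quote

# Assumed, application-specific allow-list of extensions this app serves;
# anything else (including script-like extensions) is forced to the default.
ALLOWED_EXTENSIONS = {"pdf", "csv", "txt", "png", "jpg", "zip"}
UNSAFE_CHARS = re.compile(r"[^A-Za-z0-9._-]")


def sanitize_download_name(user_input, fallback="download", default_ext="txt"):
    """Reduce an untrusted filename to an ASCII token with an allowed extension.

    Characters that can end or extend a Content-Disposition value (quotes,
    semicolons, CR/LF, non-ASCII) never reach the header, and the extension
    is chosen by the server rather than by the request.
    """
    ascii_name = unicodedata.normalize("NFKD", user_input).encode("ascii", "ignore").decode()
    base = re.split(r"[\\/]", ascii_name)[-1]  # drop any path components
    stem, dot, ext = base.rpartition(".")
    if not dot:
        stem, ext = base, ""
    stem = UNSAFE_CHARS.sub("_", stem).strip("._") or fallback
    ext = ext.lower() if ext.lower() in ALLOWED_EXTENSIONS else default_ext
    return "%s.%s" % (stem, ext)


def content_disposition(user_input):
    """Header value equivalent to FileResponse(..., as_attachment=True, filename=safe)."""
    safe = sanitize_download_name(user_input)
    return 'attachment; filename="%s"; filename*=UTF-8\'\'%s' % (safe, quote(safe))


# Defender-side check: whatever the request supplied, the header must still
# have exactly the shape the server meant to emit.
HEADER_SHAPE = re.compile(
    r'^attachment; filename="[A-Za-z0-9._-]+"; '
    r"filename\*=UTF-8''[A-Za-z0-9._%-]+$"
)


def header_is_well_formed(value):
    return bool(HEADER_SHAPE.match(value)) and "\r" not in value and "\n" not in value


if __name__ == "__main__":
    # Constructed inputs: an ordinary name, one carrying header-breaking
    # characters, a path traversal attempt and a non-ASCII name.
    for name in ["quarterly report.pdf", 'x";\r\nfoo.bat', "../../etc/passwd", "résumé.PDF"]:
        value = content_disposition(name)
        assert header_is_well_formed(value)
        print(repr(name), "->", value)
```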