
CVE-2024-39330: Django Path Traversal vulnerability

CVSS Score (v3.1): 7.5

Basic Information

EPSS Score: 0.15394%
Published: 7/10/2024
Updated: 8/9/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name | Ecosystem | Vulnerable Versions | First Patched Version
Django       | pip       | >= 5.0, < 5.0.7     | 5.0.7
Django       | pip       | >= 4.2, < 4.2.14    | 4.2.14

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability arises because the original save() method in Storage did not validate the filename before and after calling get_available_name(). Subclasses overriding generate_filename() (used by get_available_name()) without replicating the parent's validation could bypass checks. The patch added explicit validate_file_name() calls in save() to enforce validation regardless of subclass implementations. Thus, the unpatched save() method is the vulnerable function when used with such subclasses.
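To make the described flow concrete, the following is an added example (not Django's code and not from this page): a simplified model of the save() / get_available_name() / generate_filename() chain, with a validate_file_name() that mirrors the checks of Django's django.core.files.utils.validate_file_name. The Storage classes, the /srv/media root and the sample names are constructed for the demonstration; it shows the pre-fix flow, a subclass override that drops the parent's validation, and the post-fix save() that validates before and after get_available_name().

```python
import pathlib
import posixpath

class SuspiciousFileOperation(Exception):
    """Raised when a file name could escape the storage root."""

def validate_file_name(name, allow_relative_path=False):
    # Simplified mirror of Django's validate_file_name: no empty/dot names;
    # with relative paths allowed, no absolute path and no '..' component.
    base = posixpath.basename(name)
    if base in {"", ".", ".."}:
        raise SuspiciousFileOperation(f"Could not derive file name from '{name}'")
    if allow_relative_path:
        path = pathlib.PurePosixPath(str(name).replace("\\", "/"))
        if path.is_absolute() or ".." in path.parts:
            raise SuspiciousFileOperation(f"Detected path traversal attempt in '{name}'")
    elif name != base:
        raise SuspiciousFileOperation(f"File name '{name}' includes path elements")
    return name

class UnpatchedStorage:
    # Pre-fix flow as the analysis describes it: save() trusts get_available_name(),
    # which relies on generate_filename() to validate the name.
    root = "/srv/media"  # constructed storage root for the demonstration

    def generate_filename(self, filename):
        return validate_file_name(filename, allow_relative_path=True)

    def get_available_name(self, name):
        return self.generate_filename(name)

    def save(self, name):
        name = self.get_available_name(name)
        return posixpath.normpath(posixpath.join(self.root, name))

class CustomStorage(UnpatchedStorage):
    # Overrides generate_filename() without the parent's validation: the CVE pattern.
    def generate_filename(self, filename):
        return filename.strip()

class PatchedStorage(CustomStorage):
    # Post-fix flow: save() validates before and after get_available_name(),
    # so the subclass override can no longer bypass the check.
    def save(self, name):
        validate_file_name(name, allow_relative_path=True)
        name = self.get_available_name(name)
        validate_file_name(name, allow_relative_path=True)
        return posixpath.normpath(posixpath.join(self.root, name))
```

With CustomStorage, a name such as "../../outside.txt" resolves to "/outside.txt", outside the storage root; PatchedStorage raises SuspiciousFileOperation for the same input while still accepting "uploads/report.pdf".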


WAF Protection Rules

WAF Rule

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. Derived classes of the `django.core.files.storage.Storage` base class, when they override `generate_filename()` without replicating the file-path validations from the parent cl
