GMS-2022-1891: Duplicate of ./pypi/django-s3file/CVE-2022-24840.yml

June 6, 2022

Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) in django-s3file.

References

github.com/advisories/GHSA-4w8f-hjm9-xwgf
github.com/codingjoe/django-s3file/commit/68ccd2c621a40eb66fdd6af2be9d5fcc9c373318
github.com/codingjoe/django-s3file/releases/tag/5.5.1
github.com/codingjoe/django-s3file/security/advisories/GHSA-4w8f-hjm9-xwgf
nvd.nist.gov/vuln/detail/CVE-2022-24840

Code Behaviors & Features

Detect and mitigate GMS-2022-1891 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →