Django security releases issued: 3.2.2, 3.1.10, and 2.2.22

May 7, 2021

There were two Django security releases this week. Upgrade to the latest Django version to get them both.

Django: 3.2.1, 3.1.9, and 2.2.21 - CVE-2021-31542: Potential directory-traversal via uploaded files

Django 3.2.2, 3.1.10, and 2.2.22 - CVE-2021-32052: Header injection possibility since URLValidator accepted newlines in input on Python 3.9.5+

Featured Sponsor

Support the community and reach thousands of Django developers

Weekly Newsletter

Get the latest Django news, articles, and projects delivered to your inbox every week. Curated by Jeff Triplett & William Vincent.

No spam, ever. Unsubscribe anytime.