summaryrefslogtreecommitdiff
path: root/docs/releases
diff options
context:
space:
mode:
Diffstat (limited to 'docs/releases')
-rw-r--r--docs/releases/2.2.25.txt6
-rw-r--r--docs/releases/3.1.14.txt6
2 files changed, 10 insertions, 2 deletions
diff --git a/docs/releases/2.2.25.txt b/docs/releases/2.2.25.txt
index e8e552d80e..1662451a30 100644
--- a/docs/releases/2.2.25.txt
+++ b/docs/releases/2.2.25.txt
@@ -6,4 +6,8 @@ Django 2.2.25 release notes
Django 2.2.25 fixes a security issue with severity "low" in 2.2.24.
-...
+CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
+=================================================================================
+
+HTTP requests for URLs with trailing newlines could bypass an upstream access
+control based on URL paths.
diff --git a/docs/releases/3.1.14.txt b/docs/releases/3.1.14.txt
index 45775c3ce6..fb6fef8884 100644
--- a/docs/releases/3.1.14.txt
+++ b/docs/releases/3.1.14.txt
@@ -6,4 +6,8 @@ Django 3.1.14 release notes
Django 3.1.14 fixes a security issue with severity "low" in 3.1.13.
-...
+CVE-2021-44420: Potential bypass of an upstream access control based on URL paths
+=================================================================================
+
+HTTP requests for URLs with trailing newlines could bypass an upstream access
+control based on URL paths.
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 00:40:20 +0000