CRITICAL🇵🇱 Wersja polska

CVE-2026-42196

CVSS 9.9v4.0pub. 2026-05-12upd. 2026-05-13

django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into request.FILES. Depending on how files are handled, this may lead to confidentiality and integrity issues. This vulnerability is fixed in 7.0.2.

🤖 AI Analysis
How it works

The vulnerability (CWE-22, CWE-26) consists of insufficient path validation in S3FileMiddleware. An attacker can craft a modified HTTP request containing path traversal sequences (e.g., '../') that allow escape from approved, pre-signed upload locations on S3. As a result, the Django application is forced to load a file from an arbitrary location within the S3 bucket into the request.FILES object, where further processing by the application may have undesirable consequences.

Impact

An unauthenticated attacker can force the application to load files from outside allowed S3 locations, which may result in unauthorized access to sensitive data (confidentiality breach) and the ability to substitute unexpected files for further processing (integrity breach).

Mitigation & patch

Update django-s3file to version 7.0.2 or later, where the vulnerability has been fixed. Patches are available in the project repository and in the PyPI package index.

Who is affected

The django-s3file library in all versions earlier than 7.0.2

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Path Traversal
CWE
References