Django 2.2.25 release notes

December 7, 2021

Django 2.2.25 fixes a security issue with severity “low” in 2.2.24.

CVE-2021-44420: Potential bypass of an upstream access control based on URL paths

HTTP requests for URLs with trailing newlines could bypass an upstream access control based on URL paths.

Back to Top