It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions.
{ "availability": "No subscription required", "binaries": [ { "python-django-doc": "2:2.2.12-1ubuntu0.2", "python3-django": "2:2.2.12-1ubuntu0.2" } ] }