PT-2020-21102 · Django · Django-Sendfile2

Published: 2020-06-24 · Updated: 2020-06-24

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

django-sendfile2 versions prior to 0.6.0

Description

The issue arises from django-sendfile2 relying on the backend to correctly limit file paths to SENDFILE_ROOT, which is not guaranteed for the simple and development backends, and potentially other backends as well. This problem will be fixed in version 0.6.0.

Recommendations

For versions prior to 0.6.0, upgrade to version 0.6.0 and ensure SENDFILE_ROOT is set in your settings module.
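
The containment check the description calls for, as an added example that is not django-sendfile2's own code: the requested path is resolved against the root and rejected if it lands outside, whichever backend then serves the file. The names `naive_path`, `safe_path`, `PathOutsideRoot` and the directory layout are assumptions constructed for illustration; the `protected` directory stands in for SENDFILE_ROOT.

```python
import os
import tempfile
from pathlib import Path


class PathOutsideRoot(Exception):
    """The requested file resolves outside the configured root."""


def naive_path(root, requested):
    # Pattern to avoid: join only, trusting the serving backend to confine the path.
    return os.path.join(root, requested)


def safe_path(root, requested):
    """Resolve `requested` under `root`; raise if the result escapes it."""
    root_real = Path(root).resolve()
    # resolve() collapses ".." and follows symlinks, so the check sees the real target.
    candidate = (root_real / requested).resolve()
    if candidate != root_real and root_real not in candidate.parents:
        raise PathOutsideRoot(requested)
    return candidate


def demo():
    """Classify constructed sample requests against a temporary root."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "protected"          # stands in for SENDFILE_ROOT
        (root / "reports").mkdir(parents=True)
        (root / "reports" / "q1.pdf").write_bytes(b"constructed sample")
        outside = Path(tmp) / "settings.py"     # constructed file outside the root
        outside.write_text("constructed")
        cases = {
            "inside root": "reports/q1.pdf",
            "parent reference": "../settings.py",
            "nested parent reference": "reports/../../settings.py",
            "sibling with shared prefix": "../protected-backup/q1.pdf",
            "absolute path": str(outside),
        }
        for label, requested in cases.items():
            try:
                safe_path(root, requested)
                verdicts[label] = "allowed"
            except PathOutsideRoot:
                verdicts[label] = "rejected"
    return verdicts
```

Comparing path components through `parents` rather than string prefixes is what rejects the sibling directory whose name merely starts with the root's name.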

Path traversal


Weakness Enumeration

Related Identifiers

GHSA-6R3C-8XF3-GGRR

Affected Products

Django-Sendfile2