Описание
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
A flaw was found in Django. The issue occurs when passing certain inputs to multipart forms, resulting in an infinite loop when parsing files.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ansible Automation Platform 1.2 | python-django | Affected | ||
| Red Hat Ansible Automation Platform 2 | python-django | Affected | ||
| Red Hat Ansible Tower 3 | django | Affected | ||
| Red Hat Ceph Storage 2 | calamari-server | Out of support scope | ||
| Red Hat Ceph Storage 2 | python-django | Out of support scope | ||
| Red Hat Ceph Storage 3 | python-django | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) | python-django | Out of support scope | ||
| Red Hat Satellite 6 | python3-django | Affected | ||
| Red Hat Storage 3 | python-django | Affected | ||
| Red Hat Update Infrastructure 3 for Cloud Providers | python-django | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27 ...
Уязвимость фреймворка для веб-приложений Django, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю выполнить отказ в обслуживании
EPSS
7.5 High
CVSS3