Описание
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1:1.11.11-1ubuntu1.16 |
| devel | released | 2:3.2.12-1 |
| esm-infra-legacy/trusty | released | 1.6.11-0ubuntu1.3+esm4 |
| esm-infra/bionic | released | 1:1.11.11-1ubuntu1.16 |
| esm-infra/focal | released | 2:2.2.12-1ubuntu0.10 |
| esm-infra/xenial | released | 1.8.7-1ubuntu5.15+esm4 |
| focal | released | 2:2.2.12-1ubuntu0.10 |
| impish | released | 2:2.2.24-1ubuntu1.3 |
| jammy | released | 2:3.2.12-1 |
| trusty/esm | released | 1.6.11-0ubuntu1.3+esm4 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27 ...
Уязвимость фреймворка для веб-приложений Django, связанная с выполнением цикла с недоступным условием выхода, позволяющая нарушителю выполнить отказ в обслуживании
EPSS
5 Medium
CVSS2
7.5 High
CVSS3