Описание
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support |
| devel | released | 3:4.2.4-1ubuntu1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | released | 1:1.11.11-1ubuntu1.21+esm2 |
| esm-infra/focal | not-affected | 2:2.2.12-1ubuntu0.19 |
| esm-infra/xenial | needed | |
| focal | released | 2:2.2.12-1ubuntu0.19 |
| jammy | released | 2:3.2.12-2ubuntu1.8 |
| lunar | released | 3:3.2.18-1ubuntu0.4 |
| mantic | released | 3:4.2.4-1ubuntu1 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, ...
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
Уязвимость компонента django.utils.encoding.uri_to_iri() программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3