Description
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
Release | Status | Note |
---|---|---|
bionic | ignored | end of standard support |
devel | not-affected | 3:4.2.10-1 |
esm-infra-legacy/trusty | needs-triage | |
esm-infra/bionic | released | 1:1.11.11-1ubuntu1.21+esm3 |
esm-infra/focal | not-affected | 2:2.2.12-1ubuntu0.21 |
esm-infra/xenial | needed | |
focal | released | 2:2.2.12-1ubuntu0.21 |
jammy | released | 2:3.2.12-2ubuntu1.10 |
mantic | released | 3:4.2.4-1ubuntu2.1 |
noble | not-affected | 3:4.2.10-1 |
CVSS3: 7.5 High
Related vulnerabilities
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10 ...
Django denial-of-service attack in the intcomma template filter
A vulnerability in the Django web application framework, related to uncontrolled resource consumption, that allows an attacker to cause a denial of service