Описание
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3:4.2.15-1 |
| esm-infra-legacy/trusty | needs-triage | |
| esm-infra/bionic | released | 1:1.11.11-1ubuntu1.21+esm6 |
| esm-infra/focal | not-affected | 2:2.2.12-1ubuntu0.24 |
| esm-infra/xenial | needs-triage | |
| focal | released | 2:2.2.12-1ubuntu0.24 |
| jammy | released | 2:3.2.12-2ubuntu1.13 |
| noble | released | 3:4.2.11-1ubuntu1.2 |
| oracular | released | 3:4.2.15-1 |
| plucky | released | 3:4.2.15-1 |
Показывать по
EPSS
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2. ...
Уязвимость функции django.utils.numberformat.floatformat() программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
7.5 High
CVSS3