Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-27556

Опубликовано: 02 апр. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.8

Описание

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

РелизСтатусПримечание
devel

not-affected

windows specific
esm-infra-legacy/trusty

not-affected

windows specific
esm-infra/bionic

not-affected

windows specific
esm-infra/focal

not-affected

windows specific
esm-infra/xenial

not-affected

windows specific
focal

not-affected

windows specific
jammy

not-affected

windows specific
noble

not-affected

windows specific
oracular

not-affected

windows specific
upstream

released

5.0.14,5.1.8

Показывать по

Ссылки на источники

EPSS

Процентиль: 2%
0.00015
Низкий

5.8 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2025-27556

CVSS3: 5.8
redhat
3 месяца назад

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

nvd логотип

CVE-2025-27556

CVSS3: 5.8
nvd
3 месяца назад

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

debian логотип

CVE-2025-27556

CVSS3: 5.8
debian
3 месяца назад

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0. ...

github логотип

GHSA-wqfg-m96j-85vm

CVSS3: 5.8
github
3 месяца назад

Django Potential Denial of Service (DoS) on Windows

fstec логотип

BDU:2025-05049

CVSS3: 5.8
fstec
3 месяца назад

Уязвимость функций LoginView, LogoutView и set_language() программной платформы для веб-приложений Django, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 2%
0.00015
Низкий

5.8 Medium

CVSS3