Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-32873

Опубликовано: 08 мая 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.3

Описание

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().

РелизСтатусПримечание
devel

released

3:4.2.18-1ubuntu1.1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

released

1:1.11.11-1ubuntu1.21+esm11
esm-infra/focal

not-affected

2:2.2.12-1ubuntu0.29
esm-infra/xenial

needs-triage

focal

released

2:2.2.12-1ubuntu0.29
jammy

released

2:3.2.12-2ubuntu1.18
noble

released

3:4.2.11-1ubuntu1.7
oracular

released

3:4.2.15-1ubuntu1.4
plucky

released

3:4.2.18-1ubuntu1.1

Показывать по

EPSS

Процентиль: 5%
0.00026
Низкий

5.3 Medium

CVSS3

Связанные уязвимости

CVSS3: 5.3
redhat
около 1 месяца назад

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().

CVSS3: 5.3
nvd
около 1 месяца назад

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().

CVSS3: 5.3
debian
около 1 месяца назад

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, ...

suse-cvrf
около 1 месяца назад

Security update for python-Django

suse-cvrf
24 дня назад

Security update for python-Django

EPSS

Процентиль: 5%
0.00026
Низкий

5.3 Medium

CVSS3