Lucene search

K
cvelistMitreCVELIST:CVE-2023-24580
HistoryFeb 15, 2023 - 12:00 a.m.

CVE-2023-24580

2023-02-1500:00:00
mitre
www.cve.org
django
multipart request parser
denial-of-service

7.7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.8%

An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.

References