Lucene search

K
osvGoogleOSV:CVE-2021-45116
HistoryJan 05, 2022 - 12:15 a.m.

CVE-2021-45116

2022-01-0500:15:07
Google
osv.dev
11
django
information disclosure
template filter
vulnerability

AI Score

7.3

Confidence

High

EPSS

0.002

Percentile

56.1%

An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language’s variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.