Lucene search
PRIOn knowledge basePRION:CVE-2023-41164HistoryNov 03, 2023 - 5:15 a.m.
Design/Logic Flaw
2023-11-0305:15:00
PRIOn knowledge base
www.prio-n.com
6
django
security flaw
uri handling
denial of service
unicode characters
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uri_to_iri() is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
References
docs.djangoproject.com/en/4.2/releases/security/
groups.google.com/forum/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HJFRPUHDYJHBH3KYHSPGULQM4JN7BMSU/
security.netapp.com/advisory/ntap-20231214-0002/
www.djangoproject.com/weblog/2023/sep/04/security-releases/
Related
github
github
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
2023-11-03 06:36:29
debiancve
debiancve
CVE-2023-41164
2023-11-03 05:15:29
osv
osv
PYSEC-2023-225
2023-11-03 05:15:00
python-django vulnerability
2023-09-18 13:32:31
Django Denial of service vulnerability in django.utils.encoding.uri_to_iri
2023-11-03 06:36:29
openvas
openvas
Django < 3.2.21, 4.1.x < 4.1.11, 4.2.x < 4.2.5 DoS Vulnerability - Linux
2023-11-06 00:00:00
Debian: Security Advisory (DLA-3558-1)
2023-09-08 00:00:00
Ubuntu: Security Advisory (USN-6378-1)
2023-09-19 00:00:00
nessus
nessus
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2023:5208)
2024-04-28 00:00:00
Debian DLA-3558-1 : python-django - LTS security update
2023-09-08 00:00:00
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 : Django vulnerability (USN-6378-1)
2023-09-18 00:00:00
nvd
nvd
CVE-2023-41164
2023-11-03 05:15:29
ubuntucve
ubuntucve
CVE-2023-41164
2023-09-04 00:00:00
redhatcve
redhatcve
CVE-2023-41164
2023-09-05 15:35:56
ubuntu
ubuntu
Django vulnerability
2023-09-18 00:00:00
Django vulnerabilities
2023-10-04 00:00:00
freebsd
freebsd
Django -- multiple vulnerabilities
2023-09-01 00:00:00
cve
cve
CVE-2023-41164
2023-11-03 05:15:29
alpinelinux
alpinelinux
CVE-2023-41164
2023-11-03 05:15:29
redhat
redhat
debian
debian
[SECURITY] [DLA 3558-1] python-django security update
2023-09-08 01:00:21
cvelist
cvelist
CVE-2023-41164
2023-11-03 00:00:00
veracode
veracode
Denial Of Service (DoS)
2023-09-05 05:18:03
fedora
fedora
[SECURITY] Fedora 39 Update: python-django-4.2.6-1.fc39
2023-11-03 18:57:22
[SECURITY] Fedora 38 Update: python-django-4.1.12-1.fc38
2023-10-15 01:44:30
[SECURITY] Fedora 37 Update: python-django-4.1.12-1.fc37
2023-10-23 01:25:13