
4 matches found

OSV
added 2025/05/08 6:30 a.m. | 3 views

GHSA-8J24-CJRQ-GR2M Django has a denial-of-service possibility in strip_tags()

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.3 | AI score 6.8 | EPSS 0.13969
Exploits 0 | References 8

PyPA
added 2025/05/08 4:17 a.m. | 8 views

PYSEC-2025-37

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter...

CVSS 5.3 | AI score 7 | EPSS 0.13969
Exploits 0 | References 5 | Affected Software 1

OSV
added 2025/05/07 3:22 p.m. | 3 views

USN-7501-1 python-django vulnerability

Elias Myllymäki discovered that Django incorrectly handled stripping large sequences of incomplete HTML tags. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service...

CVSS 5.3 | AI score 7.2 | EPSS 0.13969
Exploits 0 | References 2

RedHat Linux
added 2015/12/07 8:46 p.m. | 4 views

jsoup: XSS vulnerability related to incomplete tags at EOF

It was found that jsoup did not properly validate user-supplied HTML content; certain HTML snippets could get past the validator without being detected as unsafe. A remote attacker could use a specially crafted HTML snippet to execute arbitrary web script in the user's browser...

CVSS 6.1 | AI score 7.6 | EPSS 0.02207
Exploits 0 | References 4