Lucene search
K

4 matches found

OSV
OSV
added 2023/11/03 5:15 a.m.5 views

PYSEC-2023-226

In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars and words methods when used with html=True are subject to a potential DoS denial of service attack via certain inputs with very long, potentially malformed HTML text. The chars and words...

7.5CVSS6.8AI score0.01225EPSS
Exploits0References4
OSV
OSV
added 2019/08/02 3:15 p.m.2 views

PYSEC-2019-81

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability i...

5.9AI score
Exploits0References10
RedHat Linux
RedHat Linux
added 2019/02/04 11:51 p.m.8 views

django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

5.3CVSS7.2AI score0.0462EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2018/10/16 5:38 p.m.6 views

django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a...

5.3CVSS7.2AI score0.0462EPSS
Exploits0References5
Rows per page
Query Builder