python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...

DEBIAN-CVE-2024-41991

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

PYSEC-2024-69

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

UBUNTU-CVE-2024-41991

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters, and the AdminURLFieldWidget widget, are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters...

PT-2024-6155

Name of the Vulnerable Software and Affected Versions: Django versions 4.2 through 4.2.14 Django versions 5.0 through 5.0.7 Description: The issue is related to a potential denial-of-service attack in Django, specifically affecting the urlize and urlizetrunc template filters, and the...

GHSA-7RP2-FM2H-WCHJ Django Cross-site Scripting in AdminURLFieldWidget

An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1.9, and 2.2 before 2.2.2. The clickable Current URL value displayed by the AdminURLFieldWidget displays the provided value without validating it as a safe URL. Thus, an unvalidated value stored in the database, or a value provid...