7 matches found
BIT-DJANGO-2023-41164
In Django 3.2 before 3.2.21, 4.1 before 4.1.11, and 4.2 before 4.2.5, django.utils.encoding.uritoiri is subject to a potential DoS denial of service attack via certain inputs with a very large number of Unicode characters...
python-django: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
An uncontrolled resource consumption vulnerability was found in Django. Feeding certain inputs with a very large number of Unicode characters to the URI to IRI encoder function can lead to a denial of service...
Django -- multiple vulnerabilities
Django reports: CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uritoiri...
FreeBSD : Django -- multiple vulnerabilities (6e65dfea-b614-11e9-a3a2-1506e15611cc)
Django release notes : CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator If django.utils.text.Truncator's chars and words methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in ...
Uncontrolled Recursion in Django
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uritoiri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences...
ALPINE-CVE-2019-14235
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uritoiri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences...
CVE-2019-14235
An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. If passed certain inputs, django.utils.encoding.uritoiri could lead to significant memory usage due to a recursion when repercent-encoding invalid UTF-8 octet sequences...