25 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-django (UTSA-2026-017339)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017339 advisory. An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential...
python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()
A flaw was found in Django. Processing very large inputs with a specific sequence of characters with the urlize and urlizetrunc functions can cause a denial of service...
python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...
python-django: Potential denial-of-service in django.utils.html.urlize()
A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leads to a potential denial of service when the application attempts to process the excessive input...
python-django: Potential denial-of-service vulnerability in django.utils.html.urlize()
A flaw was found in Python's Django urlize and urlizetrunc functions. Excessive input with a specific sequence of characters may lead to denial of service...
python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...
PYSEC-2024-102
An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...
python-django: Potential denial-of-service in django.utils.html.urlize()
A vulnerability was found in the Django framework's urlize and urlizetrunc functions, where an attacker can input a certain string containing a large number of brackets, leads to a potential denial of service when the application attempts to process the excessive input...
Django vulnerable to a denial-of-service attack
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...
CVE-2024-41990
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...
DEBIAN-CVE-2024-41990
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...
PYSEC-2024-68
An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize and urlizetrunc template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters...
GHSA-QG2P-9JWR-MMQF Django vulnerable to Denial of Service
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...
PYSEC-2024-56
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...
SUSE CVE-2024-38875
An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets...
Internet Bug Bounty: CVE-2024-38875: Denial-Of-Service through uncontrolled resource consumption caused by poor time complexity of strip_punctuation .
The vulnerability CVE-2024-38875 was discovered in the strippunctuation function used by the urlize and urlizetrunc filters. The function had a poor time complexity of On^2 in the worst case, which could lead to uncontrolled resource consumption when processing input with a large number of openin...
django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...
django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...
Django denial-of-service possibility in urlize and urlizetrunc template filters
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...
GHSA-R28V-MW67-M5P9 Django denial-of-service possibility in urlize and urlizetrunc template filters
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...