2 matches found
python-django: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget
A flaw was found in Django. 'urlize', 'urlizetrunc', and 'AdminURLFieldWidget' may be subject to a denial of service attack via certain inputs with a very large number of Unicode characters...
django: Catastrophic backtracking in regular expressions via 'urlize' and 'urlizetrunc'
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions only one regular expression for Django...