Your submission was sent successfully! Close

CVE-2022-23833

Published: 1 February 2022

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
python-django
Launchpad, Ubuntu, Debian
bionic
Released (1:1.11.11-1ubuntu1.16)
focal
Released (2:2.2.12-1ubuntu0.10)
impish
Released (2:2.2.24-1ubuntu1.3)
jammy
Released (2:3.2.12-1)
trusty
Released (1.6.11-0ubuntu1.3+esm4)
upstream
Released (2.2.27,3.2.12)
xenial
Released (1.8.7-1ubuntu5.15+esm4)