Your submission was sent successfully! Close

CVE-2022-41323

Published: 4 October 2022

In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.

Priority

Medium

CVSS 3 base score: 7.5

Status

Package Release Status
python-django
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal
Released (2:2.2.12-1ubuntu0.14)
jammy
Released (2:3.2.12-2ubuntu1.3)
kinetic Pending
(3.2.15-1ubuntu1)
trusty Not vulnerable
(code not present)
upstream Needs triage

xenial Not vulnerable
(code not present)