← voltar
CVE-2022-23833

CVE-2022-23833

EPSS 49.2%
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://docs.djangoproject.com/en/4.0/releases/security/https://github.com/django/django/commit/c477b761804984c932704554ad35f78a2e230c6ahttps://github.com/django/django/commit/d16133568ef9c9b42cb7a08bdf9ff3feec2e5468https://github.com/django/django/commit/f9c7d48fdd6f198a6494a9202f90242f176e4fc9https://groups.google.com/forum/#%21forum/django-announcehttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/https://security.netapp.com/advisory/ntap-20220221-0003/https://www.debian.org/security/2022/dsa-5254https://www.djangoproject.com/weblog/2022/feb/01/security-releases/