Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS14eGo5LWY2cnYtbTN4NM4AA5IP

Django denial-of-service attack in the intcomma template filter

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.

Permalink: https://github.com/advisories/GHSA-xxj9-f6rv-m3x4
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS14eGo5LWY2cnYtbTN4NM4AA5IP
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 23 days ago
Updated: 23 days ago


Identifiers: GHSA-xxj9-f6rv-m3x4, CVE-2024-24680
Affected Packages

pypi:django
Versions: >= 5.0, < 5.0.2; >= 4.2, < 4.2.10; < 3.2.24
Fixed in: 5.0.2, 4.2.10, 3.2.24