An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.
References
Configurations
History
07 Nov 2023, 04:08
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2023-02-15 01:15
Updated : 2024-02-28 19:51
NVD link : CVE-2023-24580
Mitre link : CVE-2023-24580
CVE.ORG link : CVE-2023-24580
JSON object : View
Products Affected
debian
- debian_linux
djangoproject
- django
CWE
CWE-400
Uncontrolled Resource Consumption