Description

An issue was discovered in Django 4.2 before 4.2.14 and 5.0 before 5.0.7. urlize and urlizetrunc were subject to a potential denial of service attack via certain inputs with a very large number of brackets.

Remediation

References

CVE-2024-38875

Related Vulnerabilities

b2evolution Other Vulnerability (CVE-2007-2681)

Joomla CVE-2012-2748 Vulnerability (CVE-2012-2748)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (9.0.1)

Moodle Other Vulnerability (CVE-2007-3555)

Drupal Core 4.7.x Multiple Cross-Site Scripting Vulnerabilities (4.7.0 - 4.7.6)

Severity

High

Classification

CVE-2024-38875 CWE-130 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities