Description
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
Remediation
References
Related Vulnerabilities
WordPress Plugin Debug Bar Multiple Unspecified Vulnerabilities (0.8.4)
WordPress Plugin Limit Login Attempts Reloaded Security Bypass (2.7.4)
Zope Web Application Server Other Vulnerability (CVE-2012-5486)
WordPress Plugin Woocommerce CSV importer Arbitrary File Deletion (3.3.6)
PostgreSQL Improper Control of Dynamically-Managed Code Resources Vulnerability (CVE-2022-2625)