Description
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
Remediation
References
Related Vulnerabilities
PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-2202)
WordPress Plugin Loginizer SQL Injection (1.6.3)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2021-32567)
Oracle Application Server CVE-2009-1976 Vulnerability (CVE-2009-1976)
WordPress Plugin Form Manager Remote Command Execution (1.7.2)