Description
The session backends in Django before 1.4.21, 1.5.x through 1.6.x, 1.7.x before 1.7.9, and 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (session store consumption) via multiple requests with unique session keys.
Remediation
References
Related Vulnerabilities
OpenSSL Access of Resource Using Incompatible Type ('Type Confusion') Vulnerability (CVE-2023-0286)
WordPress Plugin Great Restaurant Menu WP SQL Injection (1.4.1)
WordPress Plugin Google Maps Ready! Cross-Site Request Forgery (1.1.5)
Oracle Database Server Deserialization of Untrusted Data Vulnerability (CVE-2017-15095)
Atlassian Jira CVE-2020-14178 Vulnerability (CVE-2020-14178)