VDB

CVE-2021-45116

CVE-2021-45116 PUBLISHED

An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.

EPSS 0.36% · 58.8th percentile

Risk Scores

EPSS Score
0.36%
58.8th percentile

Affected Products

VendorProductVersions
Bitnamidjango3.2.0, 4.0.0, 2.2.0
Bitnamidjango2.2.0, 3.2.0, 4.0.0

Timeline

  • Jan 4, 2022 CVE Published
  • Jan 5, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 22, 2022 EPSS Score
  • Jun 15, 2022 EPSS Score
  • Aug 8, 2022 EPSS Score
  • Oct 1, 2022 EPSS Score
  • Nov 24, 2022 EPSS Score
  • Jan 16, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 11, 2023 EPSS Score
  • May 4, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›