CVE-2024-41989 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-41989 PUBLISHED

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.

EPSS 1.39% · 80.2th percentile

Risk Scores

EPSS Score

1.39%

80.2th percentile

Affected Products

Vendor	Product	Versions
Bitnami	django	4.2.0, 5.0.0
Bitnami	django	4.2.0, 5.0.0, 4.2.0

Timeline

CVE Published
Aug 13, 2024 EPSS Score
Sep 2, 2024 EPSS Score
Sep 22, 2024 PoC Published
Oct 4, 2024 Coalition ESS Score
Oct 13, 2024 EPSS Score
Nov 2, 2024 EPSS Score
Nov 22, 2024 EPSS Score
Jan 3, 2025 EPSS Score
Jan 23, 2025 EPSS Score
Feb 12, 2025 EPSS Score
Mar 25, 2025 EPSS Score

References

Open in Interactive Console →