CVE-2024-41990 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-41990 PUBLISHED

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.

EPSS 1.33% · 79.8th percentile

Risk Scores

EPSS Score

1.33%

79.8th percentile

Affected Products

Vendor	Product	Versions
Bitnami	django	4.2.0, 5.0.0, 4.2.0
Bitnami	django	4.2.0, 5.0.0

Timeline

CVE Published
Aug 13, 2024 EPSS Score
Sep 2, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 13, 2024 EPSS Score
Oct 19, 2024 Coalition ESS Score
Oct 30, 2024 Coalition ESS Score
Nov 2, 2024 EPSS Score
Nov 22, 2024 EPSS Score
Nov 30, 2024 PoC Published
Jan 3, 2025 EPSS Score
Jan 23, 2025 EPSS Score

References

Open in Interactive Console →