CVE-2024-53907 — Vulnetix

Try Vulnetix Request Demo

CVE-2024-53907 PUBLISHED

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.

EPSS 1.04% · 77.3th percentile

Risk Scores

EPSS Score

1.04%

77.3th percentile

Affected Products

Vendor	Product	Versions
Bitnami	django	5.0.0, 4.2.0
Bitnami	django	4.2.0, 5.0.0, 4.2.0

Timeline

Dec 4, 2024 CVE Published
Dec 7, 2024 EPSS Score
Dec 23, 2024 EPSS Score
Dec 31, 2024 Coalition ESS Score
Jan 9, 2025 EPSS Score
Jan 25, 2025 EPSS Score
Feb 10, 2025 EPSS Score
Feb 27, 2025 EPSS Score
Mar 15, 2025 EPSS Score
Mar 31, 2025 EPSS Score
May 3, 2025 EPSS Score
May 19, 2025 EPSS Score

References

Open in Interactive Console →