CVE-2025-27556 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-27556 PUBLISHED

An issue was discovered in Django 5.1 before 5.1.8 and 5.0 before 5.0.14. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.views.LoginView, django.contrib.auth.views.LogoutView, and django.views.i18n.set_language are subject to a potential denial-of-service attack via certain inputs with a very large number of Unicode characters.

EPSS 0.17% · 37.9th percentile

Risk Scores

EPSS Score

0.17%

37.9th percentile

Affected Products

Vendor	Product	Versions
Bitnami	django	5.0.0, 5.1.0, 5.0.0
Bitnami	django	5.0.0, 5.1.0

Timeline

Apr 2, 2025 CVE Published
Apr 2, 2025 CVE Updated
Apr 3, 2025 EPSS Score
Apr 4, 2025 Coalition ESS Score
Apr 15, 2025 EPSS Score
Apr 28, 2025 EPSS Score
May 10, 2025 EPSS Score
May 22, 2025 EPSS Score
Jun 3, 2025 EPSS Score
Jun 16, 2025 EPSS Score
Jun 28, 2025 EPSS Score
Jul 10, 2025 EPSS Score

References

Open in Interactive Console →