VDB
DEBIAN-CVE-2021-45116
DEBIAN-CVE-2021-45116
PUBLISHED
CVSS 7.5 HIGH
An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | python-django | 0, 0, 0 |
| Debian:11 | python-django | 0, 2.2.25-1, 0 |
| Debian:13 | python-django | 0, 0, 0 |
| Debian:12 | python-django | 0, 0, 0 |
Timeline
- Jan 5, 2022 CVE Published
- Apr 28, 2026 CVE Updated