VDB

DEBIAN-CVE-2022-23833

DEBIAN-CVE-2022-23833 PUBLISHED CVSS 7.5 HIGH

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11python-django*, 2.2.25-1, 2.2.26-1
Debian:12python-django0, 0, 0
Debian:13python-django0, 0, 0
Debian:14python-django0, 0, 0

Timeline

  • Feb 3, 2022 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›