VDB
DEBIAN-CVE-2022-23833
DEBIAN-CVE-2022-23833
PUBLISHED
CVSS 7.5 HIGH
An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | python-django | *, 2.2.25-1, 2.2.26-1 |
| Debian:12 | python-django | 0, 0, 0 |
| Debian:13 | python-django | 0, 0, 0 |
| Debian:14 | python-django | 0, 0, 0 |
Timeline
- Feb 3, 2022 CVE Published
- Apr 28, 2026 CVE Updated