VDB
DEBIAN-CVE-2025-26699
DEBIAN-CVE-2025-26699
PUBLISHED
CVSS 7.5 HIGH
An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.
Risk Scores
CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | python-django | 2.2.28-1, 2.2.28-1, * |
| Debian:12 | python-django | *, 0, 3:3.2.19-1+deb12u1~bpo11+1 |
| Debian:14 | python-django | 0, 0 |
| Debian:13 | python-django | 0, 0 |
Timeline
- Mar 6, 2025 CVE Published
- Apr 28, 2026 CVE Updated