VDB

DEBIAN-CVE-2025-26699

DEBIAN-CVE-2025-26699 PUBLISHED CVSS 7.5 HIGH

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap() method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings.

Risk Scores

CVSS 3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:11python-django2.2.28-1, 2.2.28-1, *
Debian:12python-django*, 0, 3:3.2.19-1+deb12u1~bpo11+1
Debian:14python-django0, 0
Debian:13python-django0, 0

Timeline

  • Mar 6, 2025 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›