VDB
GCVE-110-MAGEIA-2024-75
GCVE-110-MAGEIA-2024-75
Advisory Published
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3,
the django.utils.text.Truncator.words() method (with html=True) and the
truncatewords_html template filter are subject to a potential regular
expression denial-of-service attack via a crafted string.
(CVE-2024-27351)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | python-django | 4.1.13-1.1.mga9 (unaffected), 0 (affected), 0 (affected), 4.1.13-1.1.mga9 (unaffected) | — |
| Mageia | smplayer | 23.12.0-1.mga9 (unaffected), 0 (affected) | — |
Aliases
References
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.