VDB

MAGEIA-2019-86

MAGEIA-2019-86 PUBLISHED

If django.utils.numberformat.format() -- used by contrib.admin as well as the floatformat, filesizeformat, and intcomma templates filters -- received a Decimal with a large number of digits or a large exponent, it could lead to significant memory usage due to a call to '{:f}'.format() (CVE-2019-6975).

Affected Products

VendorProductVersions
Mageianvidia3900, 390.129-1.mga7.nonfree
Mageiapython-django1.8.19-1.2.mga6, 0, 0

Timeline

  • Feb 14, 2019 CVE Updated
  • Feb 14, 2019 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›