VDB

PYSEC-2024-67

PYSEC-2024-67 PUBLISHED

An issue was discovered in Django 5.0 before 5.0.8 and 4.2 before 4.2.15. The floatformat template filter is subject to significant memory consumption when given a string representation of a number in scientific notation with a large exponent.

Affected Products

VendorProductVersions
PyPIdjango5.0, 4.2, 4.2

Timeline

  • Aug 7, 2024 CVE Published
  • Aug 8, 2024 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›