CVE-2022-23833

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-23833

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23833.json

Aliases

Related

Published

2022-02-03T02:15:07Z

Modified

2023-12-06T01:02:02.697371Z

Details

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

References

Affected packages

Git / github.com/django/django

Affected ranges

Type: GIT
Repo: https://github.com/django/django
Events: Fixed

c477b761804984c932704554ad35f78a2e230c6a

Fixed

d16133568ef9c9b42cb7a08bdf9ff3feec2e5468

Fixed

f9c7d48fdd6f198a6494a9202f90242f176e4fc9

Introduced

b6475d7d7940f3ce575e0b0f2d83e517f899b4cf

Introduced

67d0c4644acfd7707be4a31e8976f865509b09ac

Introduced

635d53a86a36cde7866b9caefeb64d809e6bfcd9

Affected versions

2.*

2.2

2.2.1

2.2.10

2.2.11

2.2.12

2.2.13

2.2.14

2.2.15

2.2.16

2.2.17

2.2.18

2.2.19

2.2.2

2.2.20

2.2.21

2.2.22

2.2.23

2.2.24

2.2.25

2.2.26

2.2.3

2.2.4

2.2.5

2.2.6

2.2.7

2.2.8

2.2.9

3.*

3.2

3.2.1

3.2.10

3.2.11

3.2.2

3.2.3

3.2.4

3.2.5

3.2.6

3.2.7

3.2.8

3.2.9

4.*

4.0

4.0.1