CVE-2024-45230

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-45230

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-45230.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-45230

Aliases

Downstream

DEBIAN-CVE-2024-45230

OESA-2024-2278

OESA-2024-2279

OESA-2024-2280

OESA-2024-2281

OESA-2024-2282

RHSA-2024:8534

SUSE-SU-2024:3139-1

SUSE-SU-2024:3161-1

SUSE-SU-2024:3187-1

UBUNTU-CVE-2024-45230

USN-6987-1

openSUSE-SU-2024:0282-1

openSUSE-SU-2024:14310-1

openSUSE-SU-2024:14318-1

Related

Published

2024-10-08T16:15:11Z

Modified

2025-09-24T12:29:34.525353Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.

References

Affected packages

Git / github.com/django/django

Affected ranges

Type: GIT
Repo: https://github.com/django/django
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

6f9fea33137fee6416ff43b775aa9567440a23d3

Affected versions

1.*

1.0

1.1

1.2

1.2.1

1.3

1.4

1.7a1

1.7a2

4.*

4.2

4.2.1

4.2.10

4.2.11

4.2.12

4.2.13

4.2.14

4.2.15

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

4.2a1

4.2b1

4.2rc1