An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via very large inputs with a specific sequence of characters.
{ "nvd_published_at": "2024-10-08T16:15:11Z", "cwe_ids": [ "CWE-120", "CWE-400" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-10-08T21:04:45Z" }