MGASA-2021-0511

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0511.html

Import Source

https://advisories.mageia.org/MGASA-2021-0511.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2021-0511

Related

CVE-2020-15225

Published

2021-11-18T21:50:59Z

Modified

2021-11-18T21:02:17Z

Summary

Updated python-django-filter packages fix security vulnerability

Details

In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from maliciously input using exponential format with sufficiently large exponents.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / python-django-filter

Package

Name: python-django-filter
Purl: pkg:rpm/mageia/python-django-filter?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.4.0-1.mga8

Ecosystem specific

{
    "section": "core"
}