mirrors/django
mirrors/django
0
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-11-22 11:57:34 +01:00
Code Issues Releases Wiki Activity
b60fd8722f
django/docs/releases/3.2.20.txt
Mariusz Felisiak ad0410ec4f Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
2023-07-03 08:16:55 +02:00

15 lines
584 B
Plaintext
Raw Blame History

===========================
Django 3.2.20 release notes
===========================
*July 3, 2023*
Django 3.2.20 fixes a security issue with severity "moderate" in 3.2.19.
CVE-2023-36053: Potential regular expression denial of service vulnerability in ``EmailValidator``/``URLValidator``
===================================================================================================================
``EmailValidator`` and ``URLValidator`` were subject to potential regular
expression denial of service attack via a very large number of domain name
labels of emails and URLs.
View Git Blame Copy Permalink