mirror of
https://github.com/django/django.git
synced 2024-12-01 15:42:04 +01:00
3f41d6d629
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
15 lines
537 B
Plaintext
15 lines
537 B
Plaintext
===========================
|
|
Django 3.2.21 release notes
|
|
===========================
|
|
|
|
*September 4, 2023*
|
|
|
|
Django 3.2.21 fixes a security issue with severity "moderate" in 3.2.20.
|
|
|
|
CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
|
|
===================================================================================================
|
|
|
|
``django.utils.encoding.uri_to_iri()`` was subject to potential denial of
|
|
service attack via certain inputs with a very large number of Unicode
|
|
characters.
|