CVE-2022-41323

Published: Oct 16, 2022

Modified: May 14, 2025

PUBLISHED

Description

In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://groups.google.com/forum/#%21forum/django-announce

https://docs.djangoproject.com/en/4.0/releases/security/

https://www.djangoproject.com/weblog/2022/oct/04/security-releases/

https://github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924

https://security.netapp.com/advisory/ntap-20221124-0001/

FEDORA-2023-3d775d93be

vendor-advisory

FEDORA-2023-bde7913e5a

vendor-advisory

FEDORA-2023-a74513bda8

vendor-advisory

FEDORA-2023-8fed428c5e

vendor-advisory

FEDORA-2023-a53ab7c969

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-41323

Description

Affected Products

References