High severityNVD Advisory· Published Jul 14, 2015· Updated Jun 17, 2026
CVE-2015-5145
CVE-2015-5145
Description
validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
DjangoPyPI | >= 1.8a1, < 1.8.3 | 1.8.3 |
Affected products
8cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:djangoproject:django:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:djangoproject:django:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:djangoproject:django:1.8.2:*:*:*:*:*:*:*
- ghsa-coords5 versionspkg:pypi/djangopkg:rpm/opensuse/python-Django4&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python-Django6&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/python-Django&distro=openSUSE%20Tumbleweedpkg:rpm/suse/python-Django&distro=SUSE%20Package%20Hub%2012%20SP1
>= 1.8a1, < 1.8.3+ 4 more
- (no CPE)range: >= 1.8a1, < 1.8.3
- (no CPE)range: < 4.2.14-1.1
- (no CPE)range: < 6.0-1.1
- (no CPE)range: < 1.9.12-1.1
- (no CPE)range: < 1.11.15-2.1
Patches
Vulnerability mechanics
References
12- github.com/advisories/GHSA-cqf7-ff9h-7967ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2015-5145ghsaADVISORY
- www.djangoproject.com/weblog/2015/jul/08/security-releases/nvdVendor Advisory
- github.com/django/django/blob/4555a823fd57e261e1b19c778429473256c8ea08/docs/releases/1.8.3.txtghsaWEB
- github.com/django/django/commit/8f9a4d3a2bc42f14bb437defd30c7315adbff22cghsaWEB
- github.com/pypa/advisory-database/tree/main/vulns/django/PYSEC-2015-21.yamlghsaWEB
- security.gentoo.org/glsa/201510-06nvdWEB
- web.archive.org/web/20150924150801/http://www.securitytracker.com/id/1032820ghsaWEB
- web.archive.org/web/20170526042302/http://www.securityfocus.com/bid/75691ghsaWEB
- www.djangoproject.com/weblog/2015/jul/08/security-releasesghsaWEB
- www.securityfocus.com/bid/75691nvd
- www.securitytracker.com/id/1032820nvd
News mentions
0No linked articles in our index yet.