VYPR
High severityNVD Advisory· Published Aug 2, 2019· Updated Aug 5, 2024

CVE-2019-14233

CVE-2019-14233

Description

An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before 2.1.11, and 2.2.x before 2.2.4. Due to the behaviour of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 1.11a1, < 1.11.231.11.23
DjangoPyPI
>= 2.1a1, < 2.1.112.1.11
DjangoPyPI
>= 2.2a1, < 2.2.42.2.4

Affected products

10

Patches

Vulnerability mechanics

References

18

News mentions

0

No linked articles in our index yet.