VYPR
High severityNVD Advisory· Published Feb 1, 2023· Updated Mar 27, 2025

CVE-2023-23969

CVE-2023-23969

Description

In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 3.2a1, < 3.2.173.2.17
DjangoPyPI
>= 4.0a1, < 4.0.94.0.9
DjangoPyPI
>= 4.1a1, < 4.1.64.1.6

Affected products

10

Patches

Vulnerability mechanics

References

19

News mentions

0

No linked articles in our index yet.