VYPR
High severityNVD Advisory· Published Feb 15, 2023· Updated Mar 18, 2025

CVE-2023-24580

CVE-2023-24580

Description

An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 3.2a1, < 3.2.183.2.18
DjangoPyPI
>= 4.1a1, < 4.1.74.1.7
DjangoPyPI
>= 4.0a1, < 4.0.104.0.10

Affected products

18

Patches

Vulnerability mechanics

References

31

News mentions

0

No linked articles in our index yet.