VYPR
Moderate severityNVD Advisory· Published Dec 6, 2024· Updated Dec 31, 2024

CVE-2024-53907

CVE-2024-53907

Description

An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 5.1.0, < 5.1.45.1.4
DjangoPyPI
>= 4.2.0, < 4.2.174.2.17
DjangoPyPI
>= 5.0.0, < 5.0.105.0.10
djangoPyPI
>= 5.1, < 5.1.45.1.4
djangoPyPI
>= 5.0, < 5.0.105.0.10
djangoPyPI
>= 4.2, < 4.2.174.2.17

Affected products

31

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.