VYPR
Moderate severityNVD Advisory· Published May 8, 2025· Updated May 8, 2025

CVE-2025-32873

CVE-2025-32873

Description

An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable to a potential denial-of-service (slow performance) when processing inputs containing large sequences of incomplete HTML tags. The template filter striptags is also vulnerable, because it is built on top of strip_tags().

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
DjangoPyPI
>= 4.2, < 4.2.214.2.21
DjangoPyPI
>= 5.1, < 5.1.95.1.9
DjangoPyPI
>= 5.2, < 5.2.15.2.1

Affected products

14

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.