Fedora 42: FEDORA-2025-6de2ab1d25 Critical python-django DoS Threats
fedora
June 18, 2025
Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() Fixes CVE-2025-48432: Potential log injection via unescaped request path
Summary
Django is a high-level Python Web framework that encourages rapid
development and a clean, pragmatic design. It focuses on automating as
much as possible and adhering to the DRY (Don't Repeat Yourself)
principle.
Update Information:
Fixes CVE-2025-32873: Denial-of-service possibility in strip_tags() Fixes CVE-2025-48432: Potential log injection via unescaped request path
Topics Covered
Change Log
* Sun Jun 8 2025 Michel Lind
References
[ 1 ] Bug #2365046 - CVE-2025-32873 python-django4.2: Django StripTags Denial of Service [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2365046
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-6de2ab1d25' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: python-django4.2
Product: Fedora 42
Version: 4.2.22
Release: 1.fc42
Summary: A high-level Python Web framework
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!