Mageia 8: 2021-0511 Moderate: python-django-filter DoS Vulnerability
mageia
November 18, 2021
In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from malicious...
Summary
In django-filter before version 2.4.0, automatically generated 'NumberFilter'
instances, whose value was later converted to an integer, were subject to
potential DoS from maliciously input using exponential format with
sufficiently large exponents.
References
- https://bugs.mageia.org/show_bug.cgi?id=29603
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DPHENTRHRAYFXYPPBT7JRHZRWILRY44S/
- https://www.cve.org/CVERecord?id=CVE-2020-15225
Resolution
SRPMS
- 8/core/python-django-filter-2.4.0-1.mga8
PREVIOUS 
NEXT Severity
important
Lowest
Low
Medium
High
Critical
Publication date: 18 Nov 2021
URL: https://advisories.mageia.org/MGASA-2021-0511.html
Type: security
CVE: CVE-2020-15225
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!