Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
No PoCs from references.
- https://github.com/ch4n3-yoon/ch4n3-yoon
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/seal-community/patches