Description

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Remediation

References

CVE-2022-23833

Related Vulnerabilities

WordPress Plugin Accordion Shortcodes Cross-Site Scripting (2.4.2)

Apache HTTP Server Resource Management Errors Vulnerability (CVE-2011-1928)

WordPress Plugin Opal Estate Cross-Site Request Forgery (1.6.11)

MySQL CVE-2019-2683 Vulnerability (CVE-2019-2683)

Joomla Other Vulnerability (CVE-2005-3772)

Severity

High

Classification

CVE-2022-23833 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L

Tags

Missing Update Known Vulnerabilities