USN-5204-1: Django vulnerabilities
Chris Bailey discovered that Django incorrectly handled evaluating
submitted passwords. A remote attacker could possibly use this issue to
consume resources, resulting in a denial of service. (CVE-2021-45115)
Dennis Brinkrolf discovered that Django incorrectly handled the dictsort
template filter. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2021-45116)
Dennis Brinkrolf discovered that Django incorrectly handled certain file
names. A remote attacker could possibly use this issue to save files to
arbitrary filesystem locations. (CVE-2021-45452)
Source: USN-5204-1: Django vulnerabilities
Leave a Reply