Description
The django.forms.ImageField class in the form system in Django before 1.3.2 and 1.4.x before 1.4.1 completely decompresses image data during image validation, which allows remote attackers to cause a denial of service (memory consumption) by uploading an image file.
Remediation
References
Related Vulnerabilities
Drupal Core 8.7.x Security Bypass (8.7.0 - 8.7.10)
WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Security Bypass (4.16)
WordPress Incorrect Authorization Vulnerability (CVE-2018-20147)
WordPress Plugin Code Insert Manager (Q2W3 Inc Manager) ZeroClipboard Cross-Site Scripting (2.3.1)