Description
An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters.
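A triage helper for the issue described above, written for this page as an added example (it is not Django's code). `is_affected` encodes only the version ranges listed in the description, and `bounded_nfkc` shows a length check placed before normalization for code that normalizes usernames itself. Both function names and the 150-character default are assumptions.

```python
import re
import unicodedata

# First fixed release per affected series, as listed in the description.
FIXED = {(3, 2): (3, 2, 23), (4, 1): (4, 1, 13), (4, 2): (4, 2, 7)}


def is_affected(version: str) -> bool:
    """True if `version` is in a listed series and older than its fix.

    Series the description does not list return False (not assessed here).
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", version)
    if not m:
        raise ValueError("unrecognized version string: %r" % version)
    parts = tuple(int(g or 0) for g in m.groups())
    fixed = FIXED.get(parts[:2])
    return fixed is not None and parts < fixed


def bounded_nfkc(value: str, max_length: int = 150) -> str:
    """NFKC-normalize a username only after checking its length.

    Oversized input is rejected before unicodedata.normalize() runs, so
    the cost of normalization is bounded by max_length (assumed default).
    """
    if len(value) > max_length:
        raise ValueError("username longer than %d characters" % max_length)
    normalized = unicodedata.normalize("NFKC", value)
    # NFKC can expand text (U+FB00 becomes "ff"), so check again.
    if len(normalized) > max_length:
        raise ValueError("normalized username exceeds %d characters" % max_length)
    return normalized


if __name__ == "__main__":
    for v in ("3.2.22", "3.2.23", "4.1.12", "4.2.7"):  # constructed samples
        print(v, "affected" if is_affected(v) else "not in affected range")
    print(bounded_nfkc("\ufb01ona"))  # ligature input, constructed sample
```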