Description
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
Remediation
References
Related Vulnerabilities
Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7932)
WordPress Plugin Playbuzz Cross-Site Scripting (0.8.1)
WordPress Plugin WP Events Calendar 'event_id' Parameter SQL Injection (6.5.2)
MySQL Improper Initialization Vulnerability (CVE-2020-11655)
WordPress Plugin Search & Replace PHP Object Injection (3.2.2)