Description

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Remediation

References

CVE-2022-23833

Related Vulnerabilities

WordPress Plugin WP Post Rating Security Bypass (2.4.6)

WordPress Plugin Store Locator Plus for WordPress Cross-Site Scripting (5.5.15)

WordPress Plugin Participants Database SQL Injection (1.9.5.5)

WebLogic CVE-2010-4453 Vulnerability (CVE-2010-4453)

WordPress Plugin Memphis Documents Library Multiple Unspecified Vulnerabilities (3.6.21)

Severity

High

Classification

CVE-2022-23833 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities