Description

An issue was discovered in MultiPartParser in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2. Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Remediation

References

CVE-2022-23833

Related Vulnerabilities

MediaWiki Other Vulnerability (CVE-2007-0788)

Oracle JRE CVE-2023-22006 Vulnerability (CVE-2023-22006)

Squid Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9749)

WordPress Plugin Add Link to Facebook Cross-Site Scripting (2.3)

WordPress 3.9.x Possible SQL Injection Vulnerability (3.9 - 3.9.20)

Severity

High

Classification

CVE-2022-23833 CWE-835 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities