Description
In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.
Remediation
References
Related Vulnerabilities
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-5730)
Django Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-4534)
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.2.25)
PHP Improper Link Resolution Before File Access ('Link Following') Vulnerability (CVE-2011-0754)
OpenSSL NULL Pointer Dereference Vulnerability (CVE-2008-1672)