Description
The default configuration for the file upload handling system in Django before 1.4.14, 1.5.x before 1.5.9, 1.6.x before 1.6.6, and 1.7 before release candidate 3 uses a sequential file name generation process when a file with a conflicting name is uploaded, which allows remote attackers to cause a denial of service (CPU consumption) by uploading multiple files with the same name.
Remediation
References