GHSA-xxj9-f6rv-m3x4, CVE-2024-24680
pypi/Django
Django denial-of-service attack in the intcomma template filter
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings.
All versions before 3.2.24, all versions starting from 4.2 before 4.2.10, all versions starting from 5.0 before 5.0.2
Upgrade to versions 3.2.24, 4.2.10, 5.0.2 or above.
2024-02-07
source |