diff options
| author | Adam Johnson <me@adamj.eu> | 2024-01-22 13:21:13 +0000 |
|---|---|---|
| committer | Natalia <124304+nessita@users.noreply.github.com> | 2024-02-06 10:28:51 -0300 |
| commit | c1171ffbd570db90ca206c30f8e2b9f691243820 (patch) | |
| tree | eddc65477d96dcb6de5f65897273d6b8c449a6b1 /docs | |
| parent | 9dc345643e94f3a48d58fe7547fbc88ce8dab6e9 (diff) | |
[3.2.x] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma template filter.
Thanks Seokchan Yoon for the report.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Shai Berger <shai@platonix.com>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/releases/3.2.24.txt | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/docs/releases/3.2.24.txt b/docs/releases/3.2.24.txt index 1ab7024f73..67be0f65d1 100644 --- a/docs/releases/3.2.24.txt +++ b/docs/releases/3.2.24.txt @@ -6,4 +6,8 @@ Django 3.2.24 release notes Django 3.2.24 fixes a security issue with severity "moderate" in 3.2.23. -... +CVE-2024-24680: Potential denial-of-service in ``intcomma`` template filter +=========================================================================== + +The ``intcomma`` template filter was subject to a potential denial-of-service +attack when used with very long strings. |