Severe Django ReDoS Bug Fixed
1 min read
Jul 19, 2023
It was discovered that in Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attacks via a vast number of domain name labels of emails and URLs (CVE-2023-36053).
This issue could result in loss of access to critical systems and potential system compromise.
An essential update for Django that fixes this dangerous bug is now available. We urge all impacted users to apply the Django updates issued by their distro(s) now to ensure their systems remain accessible.
To stay on top of essential updates released by the open-source programs and applications you use, register as a LinuxSecurity user, subscribe to our Linux Advisory Watch newsletter, and customize your advisories for your distro(s). This will enable you to stay up-to-date on the latest, most significant issues impacting the security of your systems.
Follow @LS_Advisories on Twitter for real-time updates on advisories for your distro(s).
Related Articles
1 - 0 min read
8220 Hacker Group Targets Cloud Systems To Mine Crypto
1 - 0 min read
Hacked VMs Reveal New Attack Risks
1 - 0 min read
Millions Of GitHub Repositories Infected With Malicious Code
1 - 0 min read
New GhostRace Attack Impacts Major CPU, Software Vendors
1 - 0 min read
SSH Under Siege: Decoding the Terrapin Attack
