Algorithmic complexity vulnerability in the forms library in Django 1.0 prior to 1.0.4 and 1.1 prior to 1.1.1 allows remote malicious users to cause a denial of service (CPU consumption) via a crafted (1) EmailField (email address) or (2) URLField (URL) that triggers a large amount of backtracking in a regular expression.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
djangoproject django 1.0 |
||
djangoproject django 1.1 |