发布于3月6日3月6日 Members FreeBSD: VID-171AFA61-3EBA-11EF-A58F-080027836E8B (CVE-2024-39614): Django -- multiple vulnerabilities Severity 4 CVSS (AV:L/AC:M/Au:N/C:P/I:P/A:P) Published 07/01/2024 Created 07/12/2024 Added 07/10/2024 Modified 07/10/2024 Description An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters. Solution(s) freebsd-upgrade-package-py310-django42 freebsd-upgrade-package-py310-django50 freebsd-upgrade-package-py311-django42 freebsd-upgrade-package-py311-django50 freebsd-upgrade-package-py39-django42 References CVE-2024-39614
