Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 909578 (CVE-2023-36053) - <dev-python/django-{3.2.20,4.1.10,4.2.3}: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator
Summary: <dev-python/django-{3.2.20,4.1.10,4.2.3}: Potential regular expression denial...
Status: RESOLVED FIXED
Alias: CVE-2023-36053
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL: https://docs.djangoproject.com/en/4.2...
Whiteboard: B3 [noglsa]
Keywords:
Depends on: 909575 909576 909577
Blocks:
  Show dependency tree
 
Reported: 2023-07-04 01:45 UTC by Michał Górny
Modified: 2023-07-05 15:54 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2023-07-04 01:45:57 UTC
CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator

EmailValidator and URLValidator were subject to potential regular expression denial of service attack via a very large number of domain name labels of emails and URLs.
Comment 1 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2023-07-04 12:42:19 UTC
Removal done.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-07-05 15:54:19 UTC
Thanks, all done!