In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Ubuntu:24.04
python-django
to version 3:4.2.11-1ubuntu1.4 or higher.
Note: Versions mentioned in the description apply only to the upstream python-django
package and not the python-django
package as distributed by Ubuntu
.
See How to fix?
for Ubuntu:24.04
relevant fixed versions and status.
An issue was discovered in Django 5.1 before 5.1.4, 5.0 before 5.0.10, and 4.2 before 4.2.17. The strip_tags() method and striptags template filter are subject to a potential denial-of-service attack via certain inputs containing large sequences of nested incomplete HTML entities.