Lucene search

Veracode Vulnerability DatabaseVERACODE:30300

HistoryApr 30, 2021 - 4:45 a.m.

Denial Of Service (DoS)

2021-04-3004:45:44

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

django-filters

vulnerable

exponential input

application crash

malicious input

EPSS

0.002

Percentile

61.6%

JSON

django-filters is vulnerable to denial of service. An attacker is able to cause an application crash by submitting malicious input using exponential format with large exponents.

References

github.com/carltongibson/django-filter/commit/340cf7a23a2b3dcd7183f6a0d6c383e85b130d2b

github.com/carltongibson/django-filter/pull/1272

github.com/carltongibson/django-filter/releases/tag/2.4.0

github.com/carltongibson/django-filter/security/advisories/GHSA-x7gm-rfgv-w973

lists.fedoraproject.org/archives/list/[email protected]/message/DPHENTRHRAYFXYPPBT7JRHZRWILRY44S/

lists.fedoraproject.org/archives/list/[email protected]/message/FAT2ZAEF6DM3VFSOHKB7X3ASSHGQHJAK/

pypi.org/project/django-filter/

security.netapp.com/advisory/ntap-20210604-0010/

EPSS

0.002

Percentile

61.6%

JSON

Related for VERACODE:30300