django is vulnerable to denial of service. The vulnerability is due to the regex
function in resolvers.py
locale parameter not being treated as a regular expression which allows an attacker to cause an application crash via malicious input.
docs.djangoproject.com/en/4.0/releases/security/
github.com/advisories/GHSA-qrw5-5h28-6cmg
github.com/django/django/commit/23f0093125ac2e553da6c1b2f9988eb6a3dd2ea1
github.com/django/django/commit/5b6b257fa7ec37ff27965358800c67e2dd11c924
github.com/django/django/commit/9d656ea51d9ea7105c0c0785783ac29d426a7d25
groups.google.com/forum/#!forum/django-announce
lists.fedoraproject.org/archives/list/[email protected]/message/FKYVMMR7RPM6AHJ2SBVM2LO6D3NGFY7B/
lists.fedoraproject.org/archives/list/[email protected]/message/HWY6DQWRVBALV73BPUVBXC3QIYUM24IK/
lists.fedoraproject.org/archives/list/[email protected]/message/LTZVAKU5ALQWOKFTPISE257VCVIYGFQI/
lists.fedoraproject.org/archives/list/[email protected]/message/VZS4G6NSZWPTVXMMZHJOJVQEPL3QTO77/
lists.fedoraproject.org/archives/list/[email protected]/message/YJB6FUBBLVKKG655UMTLQNN6UQ6EDLSP/
security.netapp.com/advisory/ntap-20221124-0001/
www.djangoproject.com/weblog/2022/oct/04/security-releases/