An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. Due to leveraging the Django Template Language's variable resolution logic, the dictsort template filter was potentially vulnerable to information disclosure, or an unintended method call, if passed a suitably crafted key.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2022-01-04T23:12:43
Updated: 2024-08-04T04:39:20.434Z
Reserved: 2021-12-16T00:00:00
Link: CVE-2021-45116
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-01-05T00:15:07.953
Modified: 2024-11-21T06:31:59.500
Link: CVE-2021-45116
Redhat