An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs (e.g., an excessive number of parts) to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for a denial-of-service attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-02-15T00:00:00

Updated: 2024-08-02T11:03:18.895Z

Reserved: 2023-01-27T00:00:00

Link: CVE-2023-24580

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-15T01:15:10.687

Modified: 2024-11-21T07:48:10.217

Link: CVE-2023-24580

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-02-14T09:00:00Z

Links: CVE-2023-24580 - Bugzilla