Updated python-django-filter packages fix security vulnerability
Publication date: 18 Nov 2021Modification date: 18 Nov 2021
Type: security
Affected Mageia releases : 8
CVE: CVE-2020-15225
Description
In django-filter before version 2.4.0, automatically generated 'NumberFilter' instances, whose value was later converted to an integer, were subject to potential DoS from maliciously input using exponential format with sufficiently large exponents.
References
SRPMS
8/core
- python-django-filter-2.4.0-1.mga8