Advisories ยป MGASA-2023-0026

Updated python-django packages fix security vulnerability

Publication date: 07 Feb 2023
Modification date: 06 Feb 2023
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-41323 , CVE-2023-23969

Description

Internationalized URLs were subject to a potential denial of service
attack via the locale parameter, which is treated as a regular
expression. (CVE-2022-41323)
Potential denial-of-service via Accept-Language headers (CVE-2023-23969)
                

References

SRPMS

8/core