Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Django Allocation of Resources Without Limits or Throttling Vulnerability - CVE-2023-23969 - Vulnerability Database
Django

Django Allocation of Resources Without Limits or Throttling Vulnerability - CVE-2023-23969

High
Reference: CVE-2023-23969
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-23969
Title: Django Allocation of Resources Without Limits or Throttling Vulnerability
Overview:

In Django 3.2 before 3.2.17 4.0 before 4.0.9 and 4.1 before 4.1.6 the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.