Vulnerabilities > Djangoproject > Django > 4.1.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-11-03 | CVE-2023-43665 | Improper Validation of Specified Quantity in Input vulnerability in multiple products In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. | 7.5 |
2023-11-02 | CVE-2023-46695 | Allocation of Resources Without Limits or Throttling vulnerability in Djangoproject Django An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. | 7.5 |