CVE-2019-14235 | Medium | Yes | Denial of service | If passed certain inputs, django.utils.encoding.uri_to_iri() could lead to significant memory usage due to excessive recursion when re-percent encoding...
CVE-2019-14234 | Medium | Yes | SQL injection | Key and index lookups for JSONField and key lookups for HStoreField were subject to SQL injection, using a suitably crafted dictionary, with dictionary...
CVE-2019-14233 | Medium | Yes | Denial of service | Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags() would be extremely slow to evaluate certain inputs containing large...
CVE-2019-14232 | Medium | Yes | Denial of service | If ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` methods were passed the ``html=True`` argument, they were extremely slow to evaluate...