AVG-1924 log
| Package | python-django |
| Status | Fixed |
| Severity | Medium |
| Type | url request injection |
| Affected | 3.2.1-1 |
| Fixed | 3.2.2-1 |
| Current |
4.2.11-2 [extra-testing] 4.2.11-1 [extra] |
| Ticket | None |
| Created | Thu May 6 08:23:57 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-32052 | Medium | Yes | Url request injection | In Django before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application... |