AVG-1924 log
Package | python-django |
Status | Fixed |
Severity | Medium |
Type | url request injection |
Affected | 3.2.1-1 |
Fixed | 3.2.2-1 |
Current | 5.1.4-1 [extra] |
Ticket | None |
Created | Thu May 6 08:23:57 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-32052 | Medium | Yes | Url request injection | In Django before 3.2.2 (with Python 3.9.5+), URLValidator does not prohibit newlines and tabs (unless the URLField form field is used). If an application... |