---

CVE-2025-32873 - log back

CVE-2025-32873 created at 19 May 2025 23:12:43
Severity	+ Medium
Remote	+ Remote
Type	+ Denial of service
Description	+ django.utils.html.strip_tags() would be slow to evaluate certain inputs containing large sequences of incomplete HTML tags. This function is used to implement the striptags template filter, which was thus also vulnerable. django.utils.html.strip_tags() now raises a SuspiciousOperation exception if it encounters an unusually large number of unclosed opening tags.
References	+ https://www.djangoproject.com/weblog/2025/may/07/security-releases/
Notes