diff --git a/docs/releases/security.txt b/docs/releases/security.txt index 37cc2b36e0..45ee878c36 100644 --- a/docs/releases/security.txt +++ b/docs/releases/security.txt @@ -36,6 +36,32 @@ Issues under Django's security process All security issues have been handled under versions of Django's security process. These are listed below. +February 1, 2022 - :cve:`2022-22818` +------------------------------------ + +Possible XSS via ``{% debug %}`` template tag. `Full description +`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 4.0 :commit:`(patch) <01422046065d2b51f8f613409cad2c81b39487e5>` +* Django 3.2 :commit:`(patch) <1a1e8278c46418bde24c86a65443b0674bae65e2>` +* Django 2.2 :commit:`(patch) ` + +February 1, 2022 - :cve:`2022-23833` +------------------------------------ + +Denial-of-service possibility in file uploads. `Full description +`__ + +Versions affected +~~~~~~~~~~~~~~~~~ + +* Django 4.0 :commit:`(patch) ` +* Django 3.2 :commit:`(patch) ` +* Django 2.2 :commit:`(patch) ` + January 4, 2022 - :cve:`2021-45452` ------------------------------------