mirror of
https://github.com/django/django.git
synced 2024-12-25 10:35:48 +00:00
9c51b4dcfa
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
15 lines
537 B
Plaintext
15 lines
537 B
Plaintext
===========================
|
|
Django 4.1.11 release notes
|
|
===========================
|
|
|
|
*September 4, 2023*
|
|
|
|
Django 4.1.11 fixes a security issue with severity "moderate" in 4.1.10.
|
|
|
|
CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()``
|
|
===================================================================================================
|
|
|
|
``django.utils.encoding.uri_to_iri()`` was subject to potential denial of
|
|
service attack via certain inputs with a very large number of Unicode
|
|
characters.
|