In Django 3.2 before 3.2.16, 4.0 before 4.0.8, and 4.1 before 4.1.2, internationalized URLs were subject to a potential denial of service attack via the locale parameter, which is treated as a regular expression.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python-django-doc": "2:2.2.12-1ubuntu0.14", "python3-django": "2:2.2.12-1ubuntu0.14" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "python-django-doc": "2:3.2.12-2ubuntu1.3", "python3-django": "2:3.2.12-2ubuntu1.3" } ] }