October 9, 2009

Debian Security Advisory 1905 python-django - insufficient input validation

Article Source Debian Security Advisories
October 9, 2009, 5:00 pm

The forms library of python-django, a high-level Python web development framework, is using a badly chosen regular expression when validating email addresses and URLs. An attacker can use this to perform denial of service attacks (100% CPU consumption) due to bad backtracking via a specially crafted email address or URL which is validated by the django forms library...

Read More

Click Here!