issue with severity “moderate”, one security issue with severity “low”, and several bugs in 5.1. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc potential denial-of-service attack via very large inputs with a specific sequence of characters. CVE-2024-45231: Potential user email enumeration via response status on password reset Due to unhandled one security issue with severity “moderate” and one security issue with severity “low” in 5.0.8. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc

issues with severity “moderate”, one security issue with severity “high”, and several bugs in 5.0.7. CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat() If floatformat received significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is. CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc potential denial-of-service attack via very large inputs with a specific sequence of characters. CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

1, 2023 Django 4.2.7 fixes a security issue with severity “moderate” and several bugs in 4.2.6. CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows The NFKC normalization several bugs in 4.2.5. CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator Following the fix for CVE-2019-14232 [https://nvd.nist.gov/vuln/detail/CVE-2019- 14232], the regular 4, 2023 Django 4.2.5 fixes a security issue with severity “moderate” and several bugs in 4.2.4. CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri() django

security issue with severity“moderate”, one security issue with severity“low”, and several bugs in 5.1. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc potential denial-of-service attack via very large inputs with a specific sequence of characters. CVE-2024-45231: Potential user email enumeration via response status on password reset Due to unhandled one security issue with severity “moderate”and one security issue with severity “low” in 5.0.8. CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc

issues with severity “moderate”, one security issue with severity “high” , and several bugs in 5.0.7. CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat() If floatformat received a significant memory consumption. To avoid this, decimals with more than 200 digits are now returned as is. CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize() urlize and urlizetrunc characters. 2096 Chapter 9. Release notes Django Documentation, Release 5.1.1.dev20240808115027 CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget

3, 2023 Django 4.2.3 fixes a security issue with severity “moderate” and several bugs in 4.2.2. CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator notes May 3, 2023 Django 4.2.1 fixes a security issue with severity “low” and several bugs in 4.2. CVE-2023-31047: Potential bypass of validation when uploading multiple files using one form field Uploading The private internal vendored copy of urllib.parse.urlsplit() now strips '\r', '\n', and '\t' (see CVE-2022-0391 and bpo-43882). This is to protect projects that may be incorrectly using the internal u

release notes July 3, 2023 Django 4.1.10 fixes a security issue with severity “moderate” in 4.1.9. CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator 1.9 release notes May 3, 2023 Django 4.1.9 fixes a security issue with severity “low” in 4.1.8. CVE-2023-31047: Potential bypass of validation when uploading multiple files using one form field Uploading February 14, 2023 Django 4.1.7 fixes a security issue with severity “moderate” and a bug in 4.1.6. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart

November 1, 2023 Django 4.2.7 fixes a security issue with severity “moderate”and several bugs in 4.2.6. CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows The NFKC normalization with severity “moderate”and several bugs in 4.2.5. CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator Following the fix for CVE-2019-14232, the regular expressions used in the implementation September 4, 2023 Django 4.2.5 fixes a security issue with severity “moderate”and several bugs in 4.2.4. CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri() django

notes February 14, 2023 Django 4.0.10 fixes a security issue with severity “moderate” in 4.0.9. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart with severity “moderate” in 4.0.8. 1643 Django Documentation, Release 4.0.11.dev20230214085346 CVE-2023-23969: Potential denial-of-service via Accept-Language headers The parsed values of Accept-Language release notes October 4, 2022 Django 4.0.8 fixes a security issue with severity “medium” in 4.0.7. CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs Internationalized

notes February 14, 2023 Django 4.0.10 fixes a security issue with severity “moderate” in 4.0.9. CVE-2023-24580: Potential denial-of-service vulnerability in file uploads Passing certain inputs to multipart release notes February 1, 2023 Django 4.0.9 fixes a security issue with severity “moderate” in 4.0.8. CVE-2023-23969: Potential denial-of-service via Accept- Language headers The parsed values of Accept-Language release notes October 4, 2022 Django 4.0.8 fixes a security issue with severity “medium” in 4.0.7. CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs Internationalized