SecuritySpace - CVE-2021-45115

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2021-45115

Description: An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2021-45115
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/
https://docs.djangoproject.com/en/4.0/releases/security/
https://groups.google.com/forum/#!forum/django-announce

CVE ID:	CVE-2021-45115
Description:	An issue was discovered in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1. UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2021-45115 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B4SQG2EAF4WCI2SLRL6XRDJ3RPK3ZRDV/ https://docs.djangoproject.com/en/4.0/releases/security/ https://groups.google.com/forum/#!forum/django-announce