{"id":"CVE-2015-2316","details":"The utils.html.strip_tags function in Django 1.6.x before 1.6.11, 1.7.x before 1.7.7, and 1.8.x before 1.8c1, when using certain versions of Python, allows remote attackers to cause a denial of service (infinite loop) by increasing the length of the input string.","aliases":["GHSA-j3j3-jrfh-cm2w","PYSEC-2015-18"],"modified":"2026-02-04T09:59:25.439437Z","published":"2015-03-25T14:59:02Z","related":["MGASA-2015-0127","SUSE-SU-2015:0563-1","SUSE-SU-2015:0694-1","SUSE-SU-2015:0695-1","SUSE-SU-2015:1109-1","SUSE-SU-2015:1112-1"],"references":[{"type":"ADVISORY","url":"http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155421.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-updates/2015-04/msg00001.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2539-1"},{"type":"ADVISORY","url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases/"},{"type":"FIX","url":"https://www.djangoproject.com/weblog/2015/mar/18/security-releases/"},{"type":"WEB","url":"http://www.securityfocus.com/bid/73322"}],"schema_version":"1.7.3"}