{"id":"PYSEC-2015-21","details":"validators.URLValidator in Django 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.","aliases":["CVE-2015-5145","GHSA-cqf7-ff9h-7967"],"modified":"2023-11-08T03:57:56.029082Z","published":"2015-07-14T17:59:00Z","references":[{"type":"ARTICLE","url":"https://www.djangoproject.com/weblog/2015/jul/08/security-releases/"},{"type":"WEB","url":"http://www.securityfocus.com/bid/75691"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201510-06"},{"type":"WEB","url":"http://www.securitytracker.com/id/1032820"}],"affected":[{"package":{"name":"django","ecosystem":"PyPI","purl":"pkg:pypi/django"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"1.8"},{"fixed":"1.8.3"}]}],"versions":["1.8","1.8.1","1.8.2"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/django/PYSEC-2015-21.yaml"}}],"schema_version":"1.7.3"}