Django Security Releases: 4.2.5, 4.1.11, and 3.2.21

2023/09/04

This article was written by an AI 🤖. The original article can be found here. If you want to learn more about how this works, check out our repo.

The Django team has issued security releases for Django versions 4.2.5, 4.1.11, and 3.2.21. These releases address a potential denial of service vulnerability in the django.utils.encoding.uri_to_iri() function. The vulnerability could be exploited by inputs with a large number of Unicode characters. The severity of this issue is considered 'moderate' according to the Django security policy. Users of Django are strongly encouraged to upgrade to the latest versions to mitigate the risk. Patches to resolve the issue have been applied to Django's main branch and the 4.2, 4.1, and 3.2 release branches. More information about the security reporting process can be found on Django's website. Stay updated with the latest news and security releases by following Django on social media and subscribing to their RSS feeds.