Skip to content

Commit 047ece3

Browse files
felixxmfelixxm
committed
[2.2.x] Added CVE-2022-22818 and CVE-2022-23833 to security archive.
Backport of 9e0df0d from main
1 parent 2427b2f commit 047ece3

1 file changed

Lines changed: 25 additions & 0 deletions

File tree

docs/releases/security.txt

Lines changed: 25 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1286,3 +1286,28 @@ Versions affected
12861286
* Django 3.2 :commit:`(patch) <8d2f7cff76200cbd2337b2cf1707e383eb1fb54b>`
12871287
* Django 2.2 :commit:`(patch) <4cb35b384ceef52123fc66411a73c36a706825e1>`
12881288

1289+
February 1, 2022 - :cve:`2022-22818`
1290+
------------------------------------
1291+
1292+
Possible XSS via ``{% debug %}`` template tag. `Full description
1293+
<https://www.djangoproject.com/weblog/2022/feb/01/security-releases/>`__
1294+
1295+
Versions affected
1296+
~~~~~~~~~~~~~~~~~
1297+
1298+
* Django 4.0 :commit:`(patch) <01422046065d2b51f8f613409cad2c81b39487e5>`
1299+
* Django 3.2 :commit:`(patch) <1a1e8278c46418bde24c86a65443b0674bae65e2>`
1300+
* Django 2.2 :commit:`(patch) <c27a7eb9f40b64990398978152e62b6ff839c2e6>`
1301+
1302+
February 1, 2022 - :cve:`2022-23833`
1303+
------------------------------------
1304+
1305+
Denial-of-service possibility in file uploads. `Full description
1306+
<https://www.djangoproject.com/weblog/2022/feb/01/security-releases/>`__
1307+
1308+
Versions affected
1309+
~~~~~~~~~~~~~~~~~
1310+
1311+
* Django 4.0 :commit:`(patch) <f9c7d48fdd6f198a6494a9202f90242f176e4fc9>`
1312+
* Django 3.2 :commit:`(patch) <d16133568ef9c9b42cb7a08bdf9ff3feec2e5468>`
1313+
* Django 2.2 :commit:`(patch) <c477b761804984c932704554ad35f78a2e230c6a>`

0 commit comments

Comments
 (0)