CVE-2018-7537 — Incorrect Regular Expression in Django

CWE-185 — Incorrect Regular Expression CWE-20 — Improper Input Validation CWE-400 — Uncontrolled Resource Consumption12 documents8 sources

Severity

5.3MEDIUMNVD

EPSS

2.1%

top 16.05%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Djangoproject Django Canonical Ubuntu Linux Debian Linux

Timeline

PublishedMar 9

Latest updateJan 4

Description

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:LExploitability: 3.9 | Impact: 1.4

Affected Packages2 packages

▶NVDdjangoproject/django1.8 — 1.8.19+2

▶PyPIdjangoproject/django2.0 — 2.0.3+2

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 17.10

🔴Vulnerability Details

GHSA

Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters↗2019-01-04

▶

OSV

Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters↗2019-01-04

▶

OSV

CVE-2018-7537: An issue was discovered in Django 2↗2018-03-09

▶

CVEList

CVE-2018-7537: An issue was discovered in Django 2↗2018-03-09

▶

📋Vendor Advisories

Ubuntu

Django vulnerabilities↗2018-03-06

▶

Red Hat

django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'↗2018-03-06

▶

Debian

CVE-2018-7537: python-django - An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8...↗2018

▶

💬Community

Bugzilla

CVE-2018-7536 CVE-2018-7537 python-django16: various flaws [epel-7]↗2018-03-06

▶

Bugzilla

CVE-2018-7536 CVE-2018-7537 python-django: various flaws [fedora-all]↗2018-03-06

▶

Bugzilla

CVE-2018-7536 CVE-2018-7537 python-django: various flaws [epel-7]↗2018-03-06

▶

Bugzilla

CVE-2018-7537 django: Catastrophic backtracking in regular expressions via 'truncatechars_html' and 'truncatewords_html'↗2018-02-27

▶