Passing certain inputs to multipart forms could result in an infinite loop when parsing files.
Created attachment 1858150 [details] 0002-2.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch
Created attachment 1858151 [details] 0002-3.2.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch
Created attachment 1858152 [details] 0002-4.0.x-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-f.patch
Created attachment 1858153 [details] 0002-Fixed-CVE-2022-23833-Fixed-DoS-possiblity-in-file-up.patch
Created django:1.6/python-django tracking bugs for this issue: Affects: fedora-all [bug 2049324] Created python-django tracking bugs for this issue: Affects: epel-all [bug 2049327] Affects: fedora-all [bug 2049325] Affects: openstack-rdo [bug 2049329]
This issue has been addressed in the following products: Red Hat Satellite 6.11 for RHEL 7 Red Hat Satellite 6.11 for RHEL 8 Via RHSA-2022:5498 https://access.redhat.com/errata/RHSA-2022:5498
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-23833
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2022:8853 https://access.redhat.com/errata/RHSA-2022:8853
This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2022:8872 https://access.redhat.com/errata/RHSA-2022:8872