HackerOne Disclosed Reports - 2025-05-26


Medium
resolved

CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation


Bug reported by was disclosed at May 27, 2025, 12:26 pm

A denial-of-service vulnerability was discovered in Django's IPv6 validation. The lack of an upper bound limit enforcement in strings passed during IPv6 validation could lead to a potential denial-of-service attack. The vulnerable functions, `clean_ipv6_address` and `is_valid_ipv6_address`, as well as the `django.forms.GenericIPAddressField` form field, have been updated to address this issue.


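One way to enforce the upper bound described above, as an added example that is not Django's code and not part of the original report. It uses Python's standard `ipaddress` module; the function names and the 39-character cap (the length of a fully expanded eight-group address) are assumptions.

```python
import ipaddress

# Assumed cap: 8 groups of 4 hex digits plus 7 colons = 39 characters.
MAX_IPV6_TEXT_LENGTH = 39


class AddressTooLong(ValueError):
    """Raised before any parsing when the input exceeds the length cap."""


def parse_ipv6_bounded(text, max_length=MAX_IPV6_TEXT_LENGTH):
    """Return the compressed form of an IPv6 address, or raise ValueError.

    The length check runs first, so rejecting an oversized string costs
    the same no matter how long it is or what it contains.
    """
    if not isinstance(text, str):
        raise ValueError("expected a string")
    if len(text) > max_length:
        raise AddressTooLong(f"input is {len(text)} chars, limit is {max_length}")
    # AddressValueError is a ValueError subclass, so callers catch one type.
    return ipaddress.IPv6Address(text).compressed


def is_valid_ipv6_bounded(text, max_length=MAX_IPV6_TEXT_LENGTH):
    """Boolean wrapper: True only for in-bounds, well-formed addresses."""
    try:
        parse_ipv6_bounded(text, max_length)
    except ValueError:
        return False
    return True


def classify(samples):
    """Label each input 'ok', 'too_long' or 'invalid' (useful for metrics)."""
    labels = []
    for sample in samples:
        try:
            parse_ipv6_bounded(sample)
            labels.append("ok")
        except AddressTooLong:
            labels.append("too_long")
        except ValueError:
            labels.append("invalid")
    return labels


# Constructed sample inputs, not taken from the report.
SAMPLES = ["2001:db8::1", "2001:0db8:0000:0000:0000:0000:0000:0001",
           "a" * 100_000, "not-an-address"]
```

Counting the `too_long` label separately from `invalid` lets a service alert on oversized submissions to address fields without mixing them with ordinary typos.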

Messages In This Thread
HackerOne disclosed reports - 2025-05-26 - by hashXploiter - 05-27-2025, 06:00 PM


