vulnerability

Rocky Linux: CVE-2023-36053: Satellite-6.14 (RLSA-2023-6818)

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:N/A:C)

Published

Jul 3, 2023

Added

Mar 5, 2024

Modified

Mar 31, 2026

Description

In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.

Solutions

rocky-upgrade-libdb-cxxrocky-upgrade-libdb-cxx-debuginforocky-upgrade-libdb-debuginforocky-upgrade-libdb-debugsourcerocky-upgrade-libdb-sql-debuginforocky-upgrade-libdb-sql-devel-debuginforocky-upgrade-libdb-utils-debuginfo

References

CVE-2023-36053
https://attackerkb.com/topics/CVE-2023-36053
CWE-1333
EUVD-EUVD-2023-0065
https://errata.rockylinux.org/RLSA-2023:6818
https://euvd.enisa.europa.eu/vulnerability/EUVD-2023-0065

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report