CVE-2018-7536

An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable.

Weakness

The product specifies a regular expression in a way that causes data to be improperly matched or compared.

Affected Software

Name	Vendor	Start Version	End Version
Ubuntu_linux	Canonical	14.04 (including)	14.04 (including)
Ubuntu_linux	Canonical	16.04 (including)	16.04 (including)
Ubuntu_linux	Canonical	17.10 (including)	17.10 (including)

Potential Mitigations

https://cwe.mitre.org/data/definitions/15.html
https://cwe.mitre.org/data/definitions/6.html
https://cwe.mitre.org/data/definitions/79.html

References

http://www.securityfocus.com/bid/103361
https://access.redhat.com/errata/RHSA-2018:2927
https://access.redhat.com/errata/RHSA-2019:0051
https://access.redhat.com/errata/RHSA-2019:0082
https://access.redhat.com/errata/RHSA-2019:0265
https://github.com/django/django/commit/1ca63a66ef3163149ad822701273e8a1844192c2
https://github.com/django/django/commit/abf89d729f210c692a50e0ad3f75fb6bec6fae16
https://github.com/django/django/commit/e157315da3ae7005fa0683ffc9751dbeca7306c8
https://lists.debian.org/debian-lts-announce/2018/03/msg00006.html
https://usn.ubuntu.com/3591-1/
https://www.debian.org/security/2018/dsa-4161
https://www.djangoproject.com/weblog/2018/mar/06/security-releases/

NVD	https://nvd.nist.gov/vuln/detail/CVE-2018-7536
CWE	https://cwe.mitre.org/data/definitions/185.html

Incorrect Regular Expression

Weakness

Affected Software

Potential Mitigations

Related Attack Patterns

References