PT-2026-55565 · Pypi · Wagtail

Publicado

2026-07-01

·

Atualizado

2026-07-01

CVSS v3.1

2.7

Baixa

VetorAV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L
Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, an authenticated admin user can trigger expensive rendition processing with purposefully crafted filter specs resulting in potentially service degradation. The vulnerability is not exploitable by an ordinary site visitor without access to the Wagtail admin. This issue has been fixed in versions 7.0.8, 7.3.3, and 7.4.2.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Identificadores relacionados

PYSEC-2026-613

Produtos afetados

Wagtail