Miggo Logo
Miggo Vulnerability Database
CVE-2013-0306

CVE-2013-0306: Django is vulnerable to Denial of Service attack in formset

5.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2013-0306
GHSA ID
GHSA-g8xg-jgj6-49r3
EPSS Score
0.6737%
CWE
CWE-400
Published
5/5/2022
Updated
9/18/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Package NameEcosystemVulnerable VersionsFirst Patched Version
Djangopip>= 1.3, < 1.3.61.3.6
Djangopip>= 1.4, < 1.4.41.4.4

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from the lack of a hard limit on the number of forms in a formset. The patch introduced DEFAULT_MAX_NUM and modified _construct_forms to use min(self.total_form_count(), self.absolute_max), capping the forms created. The original code in _construct_forms used xrange(self.total_form_count()) without constraints, and formset_factory allowed max_num=None, making the system rely on attacker-controlled input. These functions directly handled formset creation without enforcing limits, enabling the DoS vector.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** *orm li*r*ry in *j*n*o *.*.x ***or* *.*.*, *.*.x ***or* *.*.*, *n* *.* ***or* r*l**s* **n*i**t* * *llows r*mot* *tt**k*rs to *yp*ss int*n*** r*sour** limits *or *orms*ts *n* **us* * **ni*l o* s*rvi** (m*mory *onsumption) or tri***r s*rv*r *rrors

Reasoning

T** vuln*r**ility st*ms *rom t** l**k o* * **r* limit on t** num**r o* *orms in * *orms*t. T** p*t** intro*u*** ****ULT_M*X_NUM *n* mo*i*i** _*onstru*t_*orms to us* min(s*l*.tot*l_*orm_*ount(), s*l*.**solut*_m*x), **ppin* t** *orms *r**t**. T** ori*i