Closed renovate[bot] closed 4 months ago
This PR contains the following updates:
==3.15.0
==3.15.2
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with tags.
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
==3.15.0->==3.15.2GitHub Vulnerability Alerts
CVE-2024-21520
Versions of the package djangorestframework before 3.15.2 are vulnerable to Cross-site Scripting (XSS) via the break_long_headers template filter due to improper input sanitization before splitting and joining with
tags.
Release Notes
encode/django-rest-framework (djangorestframework)
### [`v3.15.2`](https://togithub.com/encode/django-rest-framework/compare/3.15.1...3.15.2) [Compare Source](https://togithub.com/encode/django-rest-framework/compare/3.15.1...3.15.2) ### [`v3.15.1`](https://togithub.com/encode/django-rest-framework/compare/3.15.0...3.15.1) [Compare Source](https://togithub.com/encode/django-rest-framework/compare/3.15.0...3.15.1)Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.