A per-process cache used by Django's internationalization
("i18n") system to store the results of translation lookups
for particular values of the HTTP Accept-Language header
used the full value of that header as a key. An attacker
could take advantage of this by sending repeated requests
with extremely large strings in the Accept-Language header,
potentially causing a denial of service by filling available
memory.
Due to limitations imposed by Web server software on the
size of HTTP header fields, combined with reasonable limits
on the number of requests which may be handled by a single
server process over its lifetime, this vulnerability may be
difficult to exploit. Additionally, it is only present when
the "USE_I18N" setting in Django is "True" and the i18n
middleware component is enabled*. Nonetheless, all users of
affected versions of Django are encouraged to update.