Linux Distros Unpatched Vulnerability : CVE-2024-47874

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Linux hosts have unpatched vulnerability CVE-2024-47874 affecting Starlette leading to Denial of service.

Reporter	Title	Published	Views	Family All 59
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilities	15 Apr 202503:18	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM CloudPak for AIOps	26 Mar 202503:49	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl (Publicly disclosed vulnerability found by Mend) CVE-2024-47874	20 Feb 202506:01	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security QRadar EDR Software contains multiple vulnerabilities	6 Jan 202514:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service [CVE-2024-47874]	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities	8 Nov 202408:08	–	ibm
AlpineLinux	CVE-2024-47874	15 Oct 202416:15	–	alpinelinux
Chainguard	CVE-2024-47874 vulnerabilities	15 Oct 202416:15	–	cgr

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2024-47874
ubuntu	www.ubuntu.com/security/CVE-2024-47874
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(228373);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/05/28");

  script_cve_id("CVE-2024-47874");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2024-47874");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.40.0,
    Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in
    byte strings with no size limit. This allows an attacker to upload arbitrary large form fields and cause
    Starlette to both slow down significantly due to excessive memory allocations and copy operations, and
    also consume more and more memory until the server starts swapping and grinds to a halt, or the OS
    terminates the server process with an OOM error. Uploading multiple such requests in parallel may be
    enough to render a service practically unusable, even if reasonable request size limits are enforced by a
    reverse proxy in front of Starlette. This Denial of service (DoS) vulnerability affects all applications
    built with Starlette (or FastAPI) accepting form requests. Verison 0.40.0 fixes this issue.
    (CVE-2024-47874)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2024-47874");
  script_set_attribute(attribute:"see_also", value:"https://ubuntu.com/security/CVE-2024-47874");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:U/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:U/RC:C");
  script_set_attribute(attribute:"cvss4_vector", value:"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N");
  script_set_attribute(attribute:"cvss4_threat_vector", value:"CVSS:4.0/E:U");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-47874");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/10/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:22.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:24.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:starlette");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:starlette");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025-2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/Debian Linux-11", "Host/OS/Ubuntu Linux-22.04", "Host/OS/Ubuntu Linux-24.04");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "python3-starlette"}
        ]
      }
    ]
  },
  "Ubuntu Linux-22.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "22.04",
        "pkgs": [
          {"reference": "starlette"}
        ]
      }
    ]
  },
  "Ubuntu Linux-24.04": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "24.04",
        "pkgs": [
          {"reference": "starlette"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

28 May 2026 00:00Current

7.3High risk

Vulners AI Score7.3

CVSS 48.7

EPSS0.00125

SSVC