Lucene search
K

8 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/06/15 12:0 a.m.5 views

python311-starlette-1.2.0-1.1 on GA media (moderate)

python311-starlette-1.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11026-1 Rating: moderate Cross-References: CVE-2026-48710 CVSS scores: CVE-2026-48710 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-48710 SUSE : 6.9...

6.9CVSS5.3AI score0.01438EPSS
Exploits2
OSV
OSV
added 2026/06/08 2:58 p.m.8 views

CLEANSTART-2026-NN42198 Security fixes for CVE-2024-35195, CVE-2024-47081, CVE-2025-8869, CVE-2026-1703, CVE-2026-25645, CVE-2026-3219, CVE-2026-44431, CVE-2026-44432, CVE-2026-45409, CVE-2026-48710, CVE-2026-6357, ghsa-58qw-9mgm-455v, ghsa-65pc-fj4g-8rjx, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 1.25.2-r0, 2.2.3-r0, 2.2.3-r1

Multiple security vulnerabilities affect the k8s-sidecar package. These issues are resolved in later releases. See references for individual vulnerability details...

8.9CVSS6.5AI score0.01438EPSS
Exploits4References28
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.10 views

Fedora 44 : python-starlette (2026-3bce8d3f11)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bce8d3f11 advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

6.5CVSS5.5AI score0.01438EPSS
Exploits2References2
vulnersOsv
vulnersOsv
added 2026/06/04 1:15 p.m.7 views

01os (>=0.0.1 <=0.0.14), 2025-assignment2-expenses-manager (>=0.1.1 <=0.1.7) +4866 more potentially affected by CVE-2026-48710 via starlette (>=0.20.2 <=1.0.0rc1)

starlette PYPI version =0.20.2, =0.0.1, =0.1.1, =0.5.3, =0.3.6, =0.12.0, =0.4.2, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =0.1.9 and more Source cves: CVE-2026-48710 Source advisory: OSV:GHSA-86QP-5C8J-P5MR...

6.5CVSS5.9AI score0.01438EPSS
Exploits2
OSV
OSV
added 2026/05/26 10:16 p.m.14 views

DEBIAN-CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2References1
OSV
OSV
added 2026/05/26 10:16 p.m.12 views

UBUNTU-CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2References6
Debian CVE
Debian CVE
added 2026/05/26 9:54 p.m.13 views

CVE-2026-48710

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2
Vulnrichment
Vulnrichment
added 2026/05/26 9:54 p.m.19 views

CVE-2026-48710 Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks

Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...

6.5CVSS5.8AI score0.01438EPSS
Exploits2References7
Rows per page
Query Builder