14 matches found
Security Bulletin: Multiple vulnerabilities in IBM watsonx Orchestrate with watsonx Assistant Cartridge
Summary Multiple vulnerabilities were addressed in IBM watsonx Orchestrate with watsonx Assistant Cartridge version 5.3.2 Vulnerability Details CVEID:CVE-2025-55132 DESCRIPTION: A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes even...
📄 Python-Multipart 0.0.22 Path Traversal
Python-Multipart version 0.0.22 suffers from a path traversal vulnerability. Exploit Title: Python-Multipart 0.0.22 - Path Traversal Date: 2026-02-23 Exploit Author: cardosource Vendor Homepage: https://github.com/Kludex/python-multipart Software Link: https://pypi.org/project/python-multipart/...
Security Bulletin: Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in python_multipart
Summary Platform Navigator in IBM Cloud Pak for Integration is vulnerable to vulnerability in pythonmultipart. CVE-2026-24486 vulnerability has been addressed. Vulnerability Details CVEID:CVE-2026-24486 DESCRIPTION: Python-Multipart is a streaming multipart parser for Python. Prior to version...
SUSE: Security Advisory (SUSE-SU-2026:20188-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-08c12edc84)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 43 : python-python-multipart (2026-08c12edc84)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-08c12edc84 advisory. Security fix for CVE-2026-24486 / GHSA- wp53-j4wj-2cfg. ---- 0.0.22 2026-01-25 Drop directory path from filename in File Tenable has extracted the preceding...
openSUSE Security Advisory (SUSE-SU-2026:0307-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2026:20188-1 Security update for python-python-multipart
This update for python-python-multipart fixes the following issues: - CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301...
CVE-2026-24486 vulnerabilities
Vulnerabilities for packages: reflex, semgrep, airflow, open-webui...
Security update for python-python-multipart
This update for python-python-multipart fixes the following issues: CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
SUSE-SU-2026:0307-1 Security update for python-python-multipart
This update for python-python-multipart fixes the following issues: - CVE-2026-24486: Fixed non-default configuration options can lead to path traversal bsc1257301...
CVE-2026-24486
A flaw was found in Python-Multipart, a tool for parsing multipart form data in Python applications. This vulnerability, known as path traversal, allows a remote attacker to write uploaded files to any location on the server's file system. This exploitation occurs when specific non-default...
CVE-2026-24486 Python-Multipart has Arbitrary File Write via Non-Default Configuration
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting...
CVE-2026-24486
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options UPLOADDIR and UPLOADKEEPFILENAME=True. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting...