8 matches found
python311-starlette-1.2.0-1.1 on GA media (moderate)
python311-starlette-1.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11026-1 Rating: moderate Cross-References: CVE-2026-48710 CVSS scores: CVE-2026-48710 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVE-2026-48710 SUSE : 6.9...
CLEANSTART-2026-NN42198 Security fixes for CVE-2024-35195, CVE-2024-47081, CVE-2025-8869, CVE-2026-1703, CVE-2026-25645, CVE-2026-3219, CVE-2026-44431, CVE-2026-44432, CVE-2026-45409, CVE-2026-48710, CVE-2026-6357, ghsa-58qw-9mgm-455v, ghsa-65pc-fj4g-8rjx, ghsa-jp4c-xjxw-mgf9, ghsa-mf9v-mfxr-j63j, ghsa-qccp-gfcp-xxvc applied in versions: 1.25.2-r0, 2.2.3-r0, 2.2.3-r1
Multiple security vulnerabilities affect the k8s-sidecar package. These issues are resolved in later releases. See references for individual vulnerability details...
Fedora 44 : python-starlette (2026-3bce8d3f11)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bce8d3f11 advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
01os (>=0.0.1 <=0.0.14), 2025-assignment2-expenses-manager (>=0.1.1 <=0.1.7) +4866 more potentially affected by CVE-2026-48710 via starlette (>=0.20.2 <=1.0.0rc1)
starlette PYPI version =0.20.2, =0.0.1, =0.1.1, =0.5.3, =0.3.6, =0.12.0, =0.4.2, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =0.1.9 and more Source cves: CVE-2026-48710 Source advisory: OSV:GHSA-86QP-5C8J-P5MR...
DEBIAN-CVE-2026-48710
Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...
UBUNTU-CVE-2026-48710
Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...
CVE-2026-48710 Starlette has missing Host header validation that poisons request.url.path, bypassing path-based security checks
Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...
CVE-2026-48710
Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct request.url. Because the routing algorithm relies on the raw HTTP path while request.url is rebuilt from the Host header, a malformed header...