
27 matches found

Veracode
added 2024/11/25 6:50 p.m., 10 views

Denial Of Service (DoS)

litestar is vulnerable to Denial of Service (DoS). The vulnerability is due to the multipart form parser, which expects the entire request body as a single byte string without a default size limit, allowing attackers to cause excessive memory consumption by uploading arbitrarily large files...

CVSS 8.2, AI score 6.6, EPSS 0.00756
Exploits: 1, References: 6, Affected Software: 2
OSV
added 2024/11/20 9:15 p.m., 16 views

PYSEC-2024-178

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 7.5, AI score 7.2, EPSS 0.00756
Exploits: 1, References: 6
NVD
added 2024/11/20 9:15 p.m., 60 views

CVE-2024-52581

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 8.2, EPSS 0.00756
Exploits: 1, References: 4
Vulnrichment
added 2024/11/20 8:50 p.m., 12 views

CVE-2024-52581 Litestar allows unbounded resource consumption (DoS vulnerability)

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 8.2, AI score 6.4, EPSS 0.00756
Exploits: 1, References: 4
Cvelist
added 2024/11/20 8:50 p.m., 19 views

CVE-2024-52581 Litestar allows unbounded resource consumption (DoS vulnerability)

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 8.2, EPSS 0.00756
Exploits: 1, References: 4
OSV
added 2024/11/20 8:50 p.m., 27 views

CVE-2024-52581 Litestar allows unbounded resource consumption (DoS vulnerability)

Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allows an attacker to...

CVSS 8.2, AI score 7.6, EPSS 0.00756
Exploits: 1, References: 6
OSV
added 2024/10/25 8:15 p.m., 3 views

AZL-51690 CVE-2024-49767 affecting package python-werkzeug for versions less than 2.3.7-3

Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeug prior to 3.0.6 to parse multipart/form-data requests (e.g. all flask applications) are vulnerable to a relatively simple but effective...

CVSS 7.5, AI score 7.2, EPSS 0.01093
Exploits: 0, References: 1