Lucene search
+L

4 matches found

CVE
CVE
added 2026/06/22 4:46 p.m.119 views

CVE-2026-54283

Starlette (Python-starlette) from 0.4.1 through 1.3.1 is affected by CVE-2026-54283, where request.form() fails to apply max_fields/max_part_size for application/x-www-form-urlencoded, allowing an unauthenticated attacker to send a URL-encoded body with unbounded fields or field size. This result...

7.5CVSS5.9AI score0.00275EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2026/03/18 1:19 p.m.5 views

undertow: OutOfMemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS5.8AI score0.01256EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/03 6:40 p.m.22 views

CVE-2024-3884 Undertow: outofmemory when parsing form data encoding with application/x-www-form-urlencoded

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS0.01256EPSS
Exploits0References14
RedhatCVE
RedhatCVE
added 2025/12/03 6:39 p.m.7 views

CVE-2024-3884

A flaw was found in Undertow that can cause remote denial of service attacks. When the server uses the FormEncodedDataDefinition.doParseStreamSourceChannel method to parse large form data encoding with application/x-www-form-urlencoded, the method will cause an OutOfMemory issue. This flaw allows...

7.5CVSS6.3AI score0.01256EPSS
Exploits0References3
Rows per page
Query Builder