Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-24762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type...

7.5CVSS6.9AI score0.01523EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.19 views

Fedora 40 : python-fastapi (2024-0396ef82cd)

The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-0396ef82cd advisory. Automatic update for python-fastapi-0.109.1-1.fc40. Changelog Thu Feb 8 2024 Packit - 0.109.1-1 - packit 0.109.1 upstream release - Resolves rhbz2262507,...

7.5CVSS6.9AI score0.01523EPSS
Exploits1References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/03/07 3:31 p.m.32 views

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service due to [CVE-2023-24762]

Summary FastAPI is used by IBM App Connect Enterprise Certified Container for internal HTTP communications. IBM App Connect Enterprise Certified Container DesignerAuthoring operands that use mapping assistance are vulnerable to denial of service. This bulletin provides patch information to addres...

9.8CVSS7.4AI score0.02524EPSS
Exploits1Affected Software1
NVD
NVD
added 2024/02/05 3:15 p.m.17 views

CVE-2024-24762

python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consumi...

7.5CVSS7.4AI score0.01523EPSS
Exploits1References8
Wolfi
Wolfi
added 2024/02/05 3:15 p.m.41 views

CVE-2024-24762 vulnerabilities

Vulnerabilities for packages: reflex...

7.5CVSS7.2AI score0.01523EPSS
Exploits1
Chainguard
Chainguard
added 2024/02/05 3:15 p.m.33 views

CVE-2024-24762 vulnerabilities

Vulnerabilities for packages: reflex...

7.5CVSS7.3AI score0.01523EPSS
Exploits1
CVE
CVE
added 2024/02/05 2:33 p.m.444 views

CVE-2024-24762

CVE-2024-24762 affects python-multipart and describes a ReDoS in parsing the HTTP Content-Type header (options). An attacker can send a crafted Content-Type to exhaust CPU and stall the event loop. The vulnerability is fixed in version 0.0.7 by upstream patching the regex. Remediation is to upgra...

7.5CVSS7.2AI score0.01523EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2024/02/05 2:33 p.m.31 views

CVE-2024-24762 python-multipart vulnerable to content-type header Regular expression Denial of Service

python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consumi...

7.5CVSS7.5AI score0.01523EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/02/05 2:33 p.m.10 views

CVE-2024-24762 python-multipart vulnerable to content-type header Regular expression Denial of Service

python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consumi...

7.5CVSS7.4AI score0.01523EPSS
Exploits1References8
OSV
OSV
added 2024/02/05 2:33 p.m.28 views

CVE-2024-24762 python-multipart vulnerable to content-type header Regular expression Denial of Service

python-multipart is a streaming multipart parser for Python. When using form data, python-multipart uses a Regular Expression to parse the HTTP Content-Type header, including options. An attacker could send a custom-made Content-Type option that is very difficult for the RegEx to process, consumi...

7.5CVSS6.7AI score0.01523EPSS
Exploits1References13
Rows per page
Query Builder