Lucene search
+L

15 matches found

nessus
nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 4: python-starlette (TSSA-2024:1053)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1053 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

8.7CVSS7.8AI score0.00658EPSS
Exploits0References2
openvas
openvas
added 2025/05/26 12:0 a.m.9 views

Fedora: Security Advisory (FEDORA-2024-466c574575)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS6.7AI score0.00658EPSS
Exploits0References5
ibm
ibm
added 2025/02/20 6:1 a.m.17 views

Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl (Publicly disclosed vulnerability found by Mend) CVE-2024-47874

Summary Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl Publicly disclosed vulnerability found by Mend CVE-2024-47874. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

8.7CVSS6.3AI score0.00658EPSS
Exploits0Affected Software1
ibm
ibm
added 2025/01/28 10:8 p.m.17 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874

Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874 Vulnerability Details CVEID:CVE-2024-47874 DESCRIPTION: Starlette is an Asynchronous Server Gateway Interface ASGI...

8.7CVSS6.1AI score0.00658EPSS
Exploits0Affected Software1
nessus
nessus
added 2024/11/15 12:0 a.m.18 views

Fedora 41 : python-fastapi / python-openapi-core / python-platformio / etc (2024-05dedb1a53)

The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-05dedb1a53 advisory. Security fix for CVE-2024-47874. Starlette 0.40.0 October 15, 2024 This release fixes a Denial of service DoS via multipart/form-data requests. You can view...

8.7CVSS7.7AI score0.00658EPSS
Exploits0References2
openvas
openvas
added 2024/10/24 12:0 a.m.16 views

Fedora: Security Advisory (FEDORA-2024-f1615b58e6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS4.2AI score0.00658EPSS
Exploits0References5
opensuse
opensuse
added 2024/10/21 12:0 a.m.5 views

python310-starlette-0.41.0-1.1 on GA media (moderate)

python310-starlette-0.41.0-1.1 on GA media Announcement ID: openSUSE-SU-2024:14417-1 Rating: moderate Cross-References: CVE-2024-47874 CVSS scores: CVE-2024-47874 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-47874 SUSE : 8.7...

8.7CVSS9.4AI score0.00658EPSS
Exploits0
nessus
nessus
added 2024/10/19 12:0 a.m.19 views

openSUSE 15 Security Update : python-starlette (SUSE-SU-2024:3719-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3719-1 advisory. - CVE-2024-47874: Fixed possible DoS via parts size in multipart/form-data requests bsc1231689 Tenable has extracted the preceding description block directly...

8.7CVSS7.7AI score0.00658EPSS
Exploits0References4
openvas
openvas
added 2024/10/19 12:0 a.m.15 views

openSUSE Security Advisory (SUSE-SU-2024:3719-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS8.2AI score0.00658EPSS
Exploits0References4
suse
suse
added 2024/10/18 5:54 a.m.4 views

Security update for python-starlette

This update for python-starlette fixes the following issues: CVE-2024-47874: Fixed possible DoS via parts size in multipart/form-data requests bsc1231689 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

8.7CVSS8.4AI score0.00658EPSS
Exploits0References4
vulnersosv
vulnersosv
added 2024/10/15 6:12 p.m.4 views

01os (>=0.0.1 <=0.0.14), a360-python-libraries (>=0.3.6 <=1.1.1) +2318 more potentially affected by CVE-2024-47874 via starlette (>=0.20.2 <=0.39.2)

starlette PYPI version =0.20.2, =0.0.1, =0.3.6, =0.12.0, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =0.3.0, =0.2.1, =0.2.2.2 and more Source cves: CVE-2024-47874 Source advisory: OSV:GHSA-F96H-PMFR-66VW...

8.7CVSS7.1AI score0.00658EPSS
Exploits0
wolfi
wolfi
added 2024/10/15 4:15 p.m.20 views

CVE-2024-47874 vulnerabilities

Vulnerabilities for packages: reflex...

8.7CVSS7.1AI score0.00658EPSS
Exploits0
nvd
nvd
added 2024/10/15 4:15 p.m.23 views

CVE-2024-47874

Starlette is an Asynchronous Server Gateway Interface ASGI framework/toolkit. Prior to version 0.40.0, Starlette treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form...

8.7CVSS0.00658EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2024/10/15 4:15 p.m.4 views

CVE-2024-47874

Starlette is an Asynchronous Server Gateway Interface ASGI framework/toolkit. Prior to version 0.40.0, Starlette treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form...

8.7CVSS7.1AI score0.00658EPSS
Exploits0References3
vulnersosv
vulnersosv
added 2024/10/15 6:49 a.m.6 views

01os (>=0.0.1 <=0.0.14), 12factor-configclasses (>=0.2.1 <=0.2.6) +3120 more potentially affected by CVE-2024-47874 via starlette (>=0.10.1 <=0.39.2)

starlette PYPI version =0.10.1, =0.0.1, =0.2.1, =0.1.0, =0.3.6, =0.12.0, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.1.2 and more Source cves: CVE-2024-47874 Source advisory: SNYK:PYTHON-STARLETTE-8186175...

8.7CVSS7.1AI score0.00658EPSS
Exploits0
Rows per page
Query Builder