15 matches found
TencentOS Server 4: python-starlette (TSSA-2024:1053)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1053 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
Fedora: Security Advisory (FEDORA-2024-466c574575)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl (Publicly disclosed vulnerability found by Mend) CVE-2024-47874
Summary Security Bulletin: IBM Maximo Application Suite Ai-Broker Component uses CVE-2024-47874 starlette-0.27.0-py3-none-any.whl Publicly disclosed vulnerability found by Mend CVE-2024-47874. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...
Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874
Summary Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses starlette-0.38.6-py3-none-any.whl which is vulnerable to this CVE-2024-47874 Vulnerability Details CVEID:CVE-2024-47874 DESCRIPTION: Starlette is an Asynchronous Server Gateway Interface ASGI...
Fedora 41 : python-fastapi / python-openapi-core / python-platformio / etc (2024-05dedb1a53)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-05dedb1a53 advisory. Security fix for CVE-2024-47874. Starlette 0.40.0 October 15, 2024 This release fixes a Denial of service DoS via multipart/form-data requests. You can view...
Fedora: Security Advisory (FEDORA-2024-f1615b58e6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
python310-starlette-0.41.0-1.1 on GA media (moderate)
python310-starlette-0.41.0-1.1 on GA media Announcement ID: openSUSE-SU-2024:14417-1 Rating: moderate Cross-References: CVE-2024-47874 CVSS scores: CVE-2024-47874 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2024-47874 SUSE : 8.7...
openSUSE 15 Security Update : python-starlette (SUSE-SU-2024:3719-1)
The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2024:3719-1 advisory. - CVE-2024-47874: Fixed possible DoS via parts size in multipart/form-data requests bsc1231689 Tenable has extracted the preceding description block directly...
openSUSE Security Advisory (SUSE-SU-2024:3719-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for python-starlette
This update for python-starlette fixes the following issues: CVE-2024-47874: Fixed possible DoS via parts size in multipart/form-data requests bsc1231689 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
01os (>=0.0.1 <=0.0.14), a360-python-libraries (>=0.3.6 <=1.1.1) +2318 more potentially affected by CVE-2024-47874 via starlette (>=0.20.2 <=0.39.2)
starlette PYPI version =0.20.2, =0.0.1, =0.3.6, =0.12.0, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =0.3.0, =0.2.1, =0.2.2.2 and more Source cves: CVE-2024-47874 Source advisory: OSV:GHSA-F96H-PMFR-66VW...
CVE-2024-47874 vulnerabilities
Vulnerabilities for packages: reflex...
CVE-2024-47874
Starlette is an Asynchronous Server Gateway Interface ASGI framework/toolkit. Prior to version 0.40.0, Starlette treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form...
CVE-2024-47874
Starlette is an Asynchronous Server Gateway Interface ASGI framework/toolkit. Prior to version 0.40.0, Starlette treats multipart/form-data parts without a filename as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form...
01os (>=0.0.1 <=0.0.14), 12factor-configclasses (>=0.2.1 <=0.2.6) +3120 more potentially affected by CVE-2024-47874 via starlette (>=0.10.1 <=0.39.2)
starlette PYPI version =0.10.1, =0.0.1, =0.2.1, =0.1.0, =0.3.6, =0.12.0, =0.1.10, =0.0.1, =0.1.0, =0.1.3, =0.0.1, =0.1.5, =0.1.1, =1.0.0, =1.1.2 and more Source cves: CVE-2024-47874 Source advisory: SNYK:PYTHON-STARLETTE-8186175...