5 matches found
CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
DEBIAN-CVE-2026-40347
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
CVE-2026-40347
The CVE-2026-40347 entry concerns Python-Multipart. Versions prior to 0.0.26 are vulnerable to a denial-of-service when parsing crafted multipart/form-data with large preambles/epilogues. The fix (0.0.26+) skips ahead on leading CR/LF data and discards epilogue data after the closing boundary. Af...
CVE-2026-40347 Python-Multipart affected by Denial of Service via large multipart preamble or epilogue data
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Upgrade to version 0.0.26 or later, which skips ahead to the next boundary...
GHSA-MJ87-HWQH-73PJ python-multipart affected by Denial of Service via large multipart preamble or epilogue data
Summary A denial of service vulnerability exists when parsing crafted multipart/form-data requests with large preamble or epilogue sections. Details Two inefficient multipart parsing paths could be abused with attacker-controlled input. Before the first multipart boundary, the parser handled...