EUVD-2026-33965
NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...
Allocation of Resources Without Limits or Throttling
Overview: nicegui is a package for creating web-based user interfaces with Python ("The nice way"). Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling via the FileResponse method. An unauthenticated attacker can exhaust disk space, saturate log pipelines, or...
PT-2026-41779
Name of the Vulnerable Software and Affected Versions: NiceGUI versions prior to 3.12.0. Description: Two FastAPI routes used for serving per-component static assets accept a sub-path parameter that can resolve to a directory instead of a file. When a request resolves to a directory, it triggers an...
Security Bulletin: Starlette FileResponse Range Header Parsing DoS Vulnerability, affects watsonx.data
Summary: Starlette versions 0.39.0–0.49.0 allow unauthenticated attackers to cause CPU exhaustion by sending crafted HTTP Range headers to file-serving endpoints. The issue is fixed in version 0.49.1. This can affect watsonx.data. Vulnerability Details: CVEID: CVE-2025-62727. DESCRIPTION: Starlette i...
DEBIAN-CVE-2025-62727
Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1, an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion...
CVE-2025-62727
CVE-2025-62727 (Starlette): Affects Starlette before version 0.49.1, where an unauthenticated attacker can send a crafted HTTP Range header triggering quadratic-time processing in FileResponse Range parsing/merging, causing CPU exhaustion and denial of service on file-serving endpoints. A fix is...
CVE-2025-62727 Starlette vulnerable to O(n^2) DoS via Range header merging in starlette.responses.FileResponse
Starlette is a lightweight ASGI framework/toolkit. Starting in version 0.39.0 and prior to version 0.49.1, an unauthenticated attacker can send a crafted HTTP Range header that triggers quadratic-time processing in Starlette's FileResponse Range parsing/merging logic. This enables CPU exhaustion...
EUVD-2022-0092
Malicious code in bioql PyPI...
SUSE CVE-2024-42367
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (.gz or .br extension) are vulnerable to path traversal outside the root directory if those variants are...
CVE-2024-42367
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions on the 3.10 branch prior to version 3.10.2, static routes which contain files with compressed variants (.gz or .br extension) are vulnerable to path traversal outside the root directory if those variants are...
In aiohttp, compressed files as symlinks are not protected from path traversal
Summary: Static routes which contain files with compressed variants (.gz or .br extension) were vulnerable to path traversal outside the root directory if those variants are symbolic links. Details: The server protects static routes from path traversal outside the root directory when...
BIT-DJANGO-2022-36359
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...
openSUSE: Security Advisory for python (openSUSE-SU-2022:10103-1)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) the respective right holders. SPDX-License-Identifier: GPL-2.0-only.
Security fix for the ALT Linux 10 package python3-module-django version 3.2.15-alt1
3.2.15-alt1 built Aug. 30, 2022 by Alexey Shabalin in task 305627. Aug. 22, 2022, Alexey Shabalin - new version 3.2.15 - Fixes for the following security vulnerabilities: + CVE-2022-34265 Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments. + CVE-2022-36359 Potential reflected file...
Mageia: Security Advisory (MGASA-2022-0281)
The remote host is missing an update for the ... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) the respective right holders. SPDX-License-Identifier: GPL-2.0-only.
Django vulnerable to Reflected File Download attack
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...
Ubuntu 20.04 LTS / 22.04 LTS : Django vulnerability (USN-5549-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5549-1 advisory. It was discovered that Django incorrectly handled certain FileResponse objects. An attacker could possibly use this issue to expose sensitive information or...
USN-5549-1: Django vulnerability
It was discovered that Django incorrectly handled certain FileResponse objects. An attacker could possibly use this issue to expose sensitive information or gain access over the user's machine...
USN-5549-1 python-django vulnerability
It was discovered that Django incorrectly handled certain FileResponse objects. An attacker could possibly use this issue to expose sensitive information or gain access over the user's machine...
DEBIAN-CVE-2022-36359
An issue was discovered in the HTTP FileResponse class in Django 3.2 before 3.2.15 and 4.0 before 4.0.7. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a FileResponse when the filename is derived from user-supplied input...