12 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-48710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Starlette is a lightweight ASGI framework/toolkit. Prior to version 1.0.1, the HTTP Host request header was not validated before being used to reconstruct...
python311-sse-starlette-3.2.0-1.1 on GA media (moderate)
python311-sse-starlette-3.2.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10109-1 Rating: moderate Cross-References: CVE-2025-62727 CVSS scores: CVE-2025-62727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2025-62727 SUSE : 8.2...
EUVD-2025-6813
Malicious code in bioql PyPI...
openSUSE Security Advisory (SUSE-SU-2025:02544-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-12868
In version 0.3.32 of open-webui, the application uses a vulnerable version of the starlette package through its dependency on fastapi. The starlette package versions =0.49 are susceptible to uncontrolled resource consumption, which can be exploited to cause a denial of service through memory...
CVE-2025-0182
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...
CVE-2024-12868
Rejected reason: REJECT DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-47874. Notes: All CVE users should reference CVE-2024-47874 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2024-12868
...
CVE-2024-12868
CVE-2024-12868 is rejected and should not be used; reference CVE-2024-47874.
CVE-2024-12868
...
CVE-2025-0182 Denial of Service in danswer-ai/danswer
A vulnerability in danswer-ai/danswer version 0.9.0 allows for denial of service through memory exhaustion. The issue arises from the use of a vulnerable version of the starlette package =0.49 via fastapi, which was patched in fastapi version 0.115.3. The vulnerability can be exploited by sending...
CVE-2025-0182
The CVE-2025-0182 entry affects danswer-ai/danswer (v0.9.0). The root cause is use of a vulnerable Starlette version (