CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2026/01/09 9:1 a.m.•2 views

CVE-2023-25578

Starlite is an Asynchronous Server Gateway Interface ASGI framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...

7.5CVSS6.8AI score0.01275EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-0246

Malicious code in bioql PyPI...

7.5CVSS7.4AI score0.01275EPSS

Exploits1References6

vulnersOsv•added 2024/11/20 9:38 p.m.•1 views

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2024-52581 via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2024-52581 Source advisory: OSV:GHSA-GJCC-JVGW-WVWJ...

8.2CVSS5.8AI score0.00445EPSS

Exploits1

NVD•added 2024/05/06 3:15 p.m.•10 views

CVE-2024-32982

Litestar and Starlite is an Asynchronous Server Gateway Interface ASGI framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion LFI vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit path traversal flaws,...

8.2CVSS7.8AI score0.00297EPSS

Exploits0References3

Vulnrichment•added 2024/05/06 2:38 p.m.•16 views

CVE-2024-32982 Litestar and Starlite affected by Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

8.2CVSS6.2AI score0.00297EPSS

Exploits0References3

OSV•added 2024/05/06 2:38 p.m.•12 views

CVE-2024-32982 Litestar and Starlite affected by Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

8.2CVSS7.6AI score0.00297EPSS

Exploits0References5

CVE•added 2024/05/06 2:38 p.m.•58 views

CVE-2024-32982

Litestar/Starlite static file serving is affected by a Local File Inclusion (LFI) due to an unsafe path handling implementation in litestar/static_files/base.py. Prior to versions 2.8.3, 2.7.2, and 2.6.4, this path traversal flaw can allow an attacker to access files outside the intended static d...

8.2CVSS7.7AI score0.00297EPSS

Exploits0References3

vulnersOsv•added 2024/05/06 2:20 p.m.•0 views

kiara-plugin-service (>=0.4.0 <=0.4.7), playbacker (>=0.5.1 <=0.7.1) potentially affected by CVE-2024-32982 via starlite (>=1.39.0 <=1.51.10)

starlite PYPI version =1.39.0, =0.4.0, =0.5.1, =0.7.1 Source cves: CVE-2024-32982 Source advisory: OSV:GHSA-83PV-QR33-2VCF...

8.2CVSS7.2AI score0.00297EPSS

Exploits0

Veracode•added 2023/02/17 9:8 a.m.•14 views

Denial Of Service (DoS)

starlite is vulnerable to Denial of Service DoS attacks. A malicious user is able to consume a large amount of CPU time and RAM because the multipart body parser accepts an unlimited number of file parts and field parts, which can cause the application to crash...

7.5CVSS7.2AI score0.01275EPSS

Exploits1References3Affected Software1

vulnersOsv•added 2023/02/15 5:42 p.m.•0 views

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2023-25578 +1 more via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2023-25578, CVE-2024-52581 Source advisory: OSV:GHSA-P24M-863F-FM6Q...

8.2CVSS7.1AI score0.01275EPSS

Exploits2

NVD•added 2023/02/15 3:15 p.m.•9 views

CVE-2023-25578

7.5CVSS7.5AI score0.01275EPSS

Exploits1References3

PyPA•added 2023/02/15 3:15 p.m.•5 views

PYSEC-2023-49

7.5CVSS7AI score0.01275EPSS

Exploits1References4Affected Software1

vulnersOsv•added 2023/02/15 3:15 p.m.•4 views

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2023-25578 via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2023-25578 Source advisory: OSV:PYSEC-2023-49...

7.5CVSS7.1AI score0.01275EPSS

Exploits1

Prion•added 2023/02/15 3:15 p.m.•6 views

Design/Logic Flaw

5CVSS7.5AI score0.01275EPSS

Exploits1References3Affected Software1

OSV•added 2023/02/15 3:15 p.m.•14 views

PYSEC-2023-49

7.5CVSS7.5AI score0.01275EPSS

Exploits1References3

Cvelist•added 2023/02/15 2:58 p.m.•9 views

CVE-2023-25578 Starlite DoS vulnerability when parsing multipart request body

7.5CVSS7.7AI score0.01275EPSS

Exploits1References3

CVE•added 2023/02/15 2:58 p.m.•47 views

CVE-2023-25578

CVE-2023-25578 affects Starlite (ASGI framework) prior to version 1.5.2. The vulnerability lies in the multipart body parser, which processes an unlimited number of file parts and field parts, allowing an attacker to consume大量 CPU time and RAM. This can lead to remote, unauthenticated denial of s...

7.5CVSS7.4AI score0.01275EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2023/02/15 2:58 p.m.•3 views

CVE-2023-25578 Starlite DoS vulnerability when parsing multipart request body

7.5CVSS7.7AI score0.01275EPSS

Exploits1References3

OSV•added 2023/02/15 2:58 p.m.•10 views

CVE-2023-25578 Starlite DoS vulnerability when parsing multipart request body

7.5CVSS7.4AI score0.01275EPSS

Exploits1References5

CNNVD•added 2023/02/15 12:0 a.m.•1 views

Starlite 安全漏洞

Starlite is an Asynchronous Server Gateway Interface ASGI framework from the starliteproject individual developer. A security vulnerability exists in Starlite versions prior to 1.5.2, which stems from request body parsing in "starlite" that allows a potentially unauthenticated attacker to consume...

7.5CVSS7.2AI score0.01275EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by