3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2024-52581 via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2024-52581 Source advisory: OSV:GHSA-GJCC-JVGW-WVWJ...

kiara-plugin-service (>=0.4.0 <=0.4.7), playbacker (>=0.5.1 <=0.7.1) potentially affected by CVE-2024-32982 via starlite (>=1.39.0 <=1.51.10)

starlite PYPI version =1.39.0, =0.4.0, =0.5.1, =0.7.1 Source cves: CVE-2024-32982 Source advisory: OSV:GHSA-83PV-QR33-2VCF...

3lc (>=2.3.84 <=2.6.4), aiocronjob (>=0.6.0 <=0.7.0) +10 more potentially affected by CVE-2023-25578 +1 more via starlite (>=1.39.0 <=1.51.16)

starlite PYPI version =1.39.0, =2.3.84, =0.6.0, =0.4.0, =0.5.1, =1.0.0, =0.1.0, =0.1.3, =1.0.0, =0.1.0, =0.8.1 - strawberry-graphql =0.168.0 Source cves: CVE-2023-25578, CVE-2024-52581 Source advisory: OSV:GHSA-P24M-863F-FM6Q...

Starlite 安全漏洞

Starlite is an Asynchronous Server Gateway Interface ASGI framework from the starliteproject individual developer. A security vulnerability exists in Starlite versions prior to 1.5.2, which stems from request body parsing in "starlite" that allows a potentially unauthenticated attacker to consume...