Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2 days ago5 views

CVE-2026-53539

A flaw was found in Python-Multipart, a streaming multipart parser. A remote attacker can exploit this vulnerability by submitting a specially crafted application/x-www-form-urlencoded body. This can cause the QuerystringParser to perform inefficient processing, leading to excessive CPU...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References4
OSV
OSV
added 2026/06/22 6:16 p.m.3 views

UBUNTU-CVE-2026-53539

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, when parsing application/x-www-form-urlencoded bodies, QuerystringParser located the field separator with a two step lookup: it first scanned the entire remaining buffer for &, and only when no & existed anywhere ahead...

7.5CVSS6.1AI score0.00263EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 6:16 p.m.3 views

UBUNTU-CVE-2026-53537

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.30, parseoptionsheader parsed Content-Disposition and Content-Type headers with email.message.Message, which transparently applies RFC 2231/5987 decoding. The extended parameter syntax filename=charset'lang'value, name=...,...

5.3CVSS5.9AI score0.00177EPSS
Exploits0References2
OSV
OSV
added 2026/06/22 6:16 p.m.4 views

UBUNTU-CVE-2026-53540

Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.31, parseform did not validate the Content-Length header before using it to bound its chunked read of the request body. A negative Content-Length turned the bounded read into a read-until-EOF, so the entire body was loaded...

3.7CVSS5.8AI score0.00217EPSS
Exploits0References2
Fedora
Fedora
added 2026/06/15 1:11 a.m.18 views

[SECURITY] Fedora 43 Update: python-python-multipart-0.0.32-1.fc43

Python-Multipart is a streaming multipart parser for Python...

5.3AI score
Exploits0
Fedora
Fedora
added 2026/06/15 12:51 a.m.14 views

[SECURITY] Fedora 44 Update: python-python-multipart-0.0.32-1.fc44

Python-Multipart is a streaming multipart parser for Python...

5.3AI score
Exploits0
EUVD
EUVD
added 2026/05/08 6:31 p.m.12 views

EUVD-2026-28787

lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser lwjsonstream.c. The end-of-string detection logic incorrectly identifies escaped quote characters by only checking the immediately preceding character rather than counting consecutive backslashes, causin...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References4
NVD
NVD
added 2026/05/08 4:16 p.m.11 views

CVE-2026-29975

lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser lwjsonstream.c. The end-of-string detection logic incorrectly identifies escaped quote characters by only checking the immediately preceding character rather than counting consecutive backslashes, causin...

7.5CVSS0.00417EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.37 views

CVE-2026-29975

lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser lwjsonstream.c. The end-of-string detection logic incorrectly identifies escaped quote characters by only checking the immediately preceding character rather than counting consecutive backslashes, causin...

0.00417EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/08 12:0 a.m.13 views

PT-2026-39144

Name of the Vulnerable Software and Affected Versions lwjson version 1.8.1 Description Improper input validation in the streaming JSON parser lwjson stream.c occurs because the end-of-string detection logic incorrectly identifies escaped quote characters. The system only checks the immediately...

7.5CVSS5.8AI score0.00417EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/08 12:0 a.m.8 views

CVE-2026-29975

lwjson 1.8.1 contains an improper input validation vulnerability in the streaming JSON parser lwjsonstream.c. The end-of-string detection logic incorrectly identifies escaped quote characters by only checking the immediately preceding character rather than counting consecutive backslashes, causin...

5.8AI score0.00417EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/03/06 7:14 a.m.5 views

CVE-2026-29062

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. From version 3.0.0 to before version 3.1.0, the UTF8DataInputJsonParser, which is used when parsing from a java.io.DataInput source, bypasses the maxNestingDepth constrai...

8.7CVSS5.2AI score0.00552EPSS
Exploits0
Fedora
Fedora
added 2026/02/04 2:11 a.m.9 views

[SECURITY] Fedora 43 Update: python-python-multipart-0.0.22-1.fc43

Python-Multipart is a streaming multipart parser for Python...

8.6CVSS5.2AI score0.02228EPSS
Exploits5
Fedora
Fedora
added 2026/02/04 2:5 a.m.10 views

[SECURITY] Fedora 42 Update: python-python-multipart-0.0.22-1.fc42

Python-Multipart is a streaming multipart parser for Python...

8.6CVSS5.2AI score0.02228EPSS
Exploits5
Debian CVE
Debian CVE
added 2025/06/25 5:2 p.m.5 views

CVE-2025-52999

jackson-core contains core low-level incremental "streaming" parser and generator abstractions used by Jackson Data Processor. In versions prior to 2.15.0, if a user parses an input file and it has deeply nested data, Jackson could end up throwing a StackoverflowError if the depth is particularly...

8.7CVSS6.5AI score0.00634EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/03/27 12:0 a.m.10 views

The vulnerability of the python-multipart streaming multi-component parser, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the python-multipart streaming multi-component parser is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS7.3AI score0.00644EPSS
Exploits0References5Affected Software3
BDU FSTEC
BDU FSTEC
added 2025/02/12 12:0 a.m.12 views

The vulnerability of the python-multipart streaming multi-component parser lies in the inefficient complexity of regular expressions, allowing attackers to trigger a service failure.

The vulnerability of the python-multipart streaming multi-component parser is related to insufficient input validation when processing the HTTP header “Content-Type” value using regular expressions. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS6.8AI score0.01523EPSS
Exploits1References3Affected Software2
Fedora
Fedora
added 2024/12/10 1:24 a.m.17 views

[SECURITY] Fedora 41 Update: python-python-multipart-0.0.19-1.fc41

Python-Multipart is a streaming multipart parser for Python...

7.5CVSS7.3AI score0.00644EPSS
Exploits0
Fedora
Fedora
added 2024/12/10 1:19 a.m.15 views

[SECURITY] Fedora 40 Update: python-multipart-0.0.19-1.fc40

Python-Multipart is a streaming multipart parser for Python...

7.5CVSS7.3AI score0.00644EPSS
Exploits0
NVD
NVD
added 2024/12/02 4:15 p.m.14 views

CVE-2024-53981

python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks CR \r or LF \n in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, which may cause...

7.5CVSS0.00644EPSS
Exploits0References2
Rows per page
Query Builder