CVE-2024-49767

CVE-2024-49767 : Werkzeug's MultiPartParser in versions prior to 3.0.6 is vulnerable to a resource-exhaustion DoS when parsing multipart/form-data. A crafted upload can cause the parser to allocate 3–8× the upload size in RAM, with a single 1 Gbit/s upload potentially exhausting ~32 GB in under a...