All the vulnerabilites related to Encode - Starlette
cve-2024-24762
Vulnerability from cvelistv5
Published
2024-02-05 14:33
Modified
2024-08-01 23:28
Severity ?
EPSS score ?
Summary
python-multipart vulnerable to content-type header Regular expression Denial of Service
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T23:28:11.928Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p" }, { "name": "https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4" }, { "name": "https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389" }, { "name": "https://github.com/encode/starlette/security/advisories/GHSA-93gm-qmq6-w238", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-93gm-qmq6-w238" }, { "name": "https://github.com/andrew-d/python-multipart/blob/d3d16dae4b061c34fe9d3c9081d9800c49fc1f7a/multipart/multipart.py#L72-L74", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/andrew-d/python-multipart/blob/d3d16dae4b061c34fe9d3c9081d9800c49fc1f7a/multipart/multipart.py#L72-L74" }, { "name": "https://github.com/encode/starlette/commit/13e5c26a27f4903924624736abd6131b2da80cc5", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/encode/starlette/commit/13e5c26a27f4903924624736abd6131b2da80cc5" }, { "name": "https://github.com/tiangolo/fastapi/commit/9d34ad0ee8a0dfbbcce06f76c2d5d851085024fc", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tiangolo/fastapi/commit/9d34ad0ee8a0dfbbcce06f76c2d5d851085024fc" }, { "name": "https://github.com/tiangolo/fastapi/releases/tag/0.109.1", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/tiangolo/fastapi/releases/tag/0.109.1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/Kludex/python-multipart", "defaultStatus": "unaffected", "packageName": "python-multipart", "product": "python-multipart", "repo": "https://github.com/Kludex/python-multipart", "vendor": "Kludex", "versions": [ { "lessThan": "0.0.7", "status": "affected", "version": "0", "versionType": "affected" } ] }, { "collectionURL": "https://github.com/tiangolo/fastapi", "defaultStatus": "unaffected", "packageName": "fastapi", "product": "fastapi", "repo": "https://github.com/tiangolo/fastapi", "vendor": "tiangolo", "versions": [ { "lessThan": "0.109.1", "status": "affected", "version": "0", "versionType": "affected" } ] }, { "collectionURL": "https://github.com/encode/starlette", "defaultStatus": "unaffected", "packageName": "startlette", "product": "starlette", "repo": "https://github.com/encode/starlette", "vendor": "encode", "versions": [ { "lessThan": "0.36.2", "status": "affected", "version": "0", "versionType": "affected" } ] } ], "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can\u0027t handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7." } ], "value": "`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can\u0027t handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-17T01:54:29.017Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/Kludex/python-multipart/security/advisories/GHSA-2jv5-9r88-3w3p" }, { "name": "https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/Kludex/python-multipart/commit/20f0ef6b4e4caf7d69a667c54dff57fe467109a4" }, { "name": "https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389" }, { "name": "https://github.com/encode/starlette/security/advisories/GHSA-93gm-qmq6-w238", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-93gm-qmq6-w238" }, { "name": "https://github.com/andrew-d/python-multipart/blob/d3d16dae4b061c34fe9d3c9081d9800c49fc1f7a/multipart/multipart.py#L72-L74", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/andrew-d/python-multipart/blob/d3d16dae4b061c34fe9d3c9081d9800c49fc1f7a/multipart/multipart.py#L72-L74" }, { "name": "https://github.com/encode/starlette/commit/13e5c26a27f4903924624736abd6131b2da80cc5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/encode/starlette/commit/13e5c26a27f4903924624736abd6131b2da80cc5" }, { "name": "https://github.com/tiangolo/fastapi/commit/9d34ad0ee8a0dfbbcce06f76c2d5d851085024fc", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tiangolo/fastapi/commit/9d34ad0ee8a0dfbbcce06f76c2d5d851085024fc" }, { "name": "https://github.com/tiangolo/fastapi/releases/tag/0.109.1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/tiangolo/fastapi/releases/tag/0.109.1" } ], "source": { "advisory": "GHSA-2jv5-9r88-3w3p", "discovery": "UNKNOWN" }, "title": "python-multipart vulnerable to content-type header Regular expression Denial of Service", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-24762", "datePublished": "2024-02-05T14:33:06.481Z", "dateReserved": "2024-01-29T20:51:26.011Z", "dateUpdated": "2024-08-01T23:28:11.928Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-29159
Vulnerability from cvelistv5
Published
2023-06-01 00:00
Modified
2024-08-02 14:00
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:00:14.995Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px" }, { "tags": [ "x_transferred" ], "url": "https://github.com/encode/starlette/releases/tag/0.27.0" }, { "tags": [ "x_transferred" ], "url": "https://jvn.jp/en/jp/JVN95981715/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Starlette", "vendor": "Encode", "versions": [ { "status": "affected", "version": "versions 0.13.5 and later and prior to 0.27.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette." } ], "problemTypes": [ { "descriptions": [ { "description": "Directory traversal", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-01T00:00:00", "orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "shortName": "jpcert" }, "references": [ { "url": "https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px" }, { "url": "https://github.com/encode/starlette/releases/tag/0.27.0" }, { "url": "https://jvn.jp/en/jp/JVN95981715/" } ] } }, "cveMetadata": { "assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce", "assignerShortName": "jpcert", "cveId": "CVE-2023-29159", "datePublished": "2023-06-01T00:00:00", "dateReserved": "2023-05-11T00:00:00", "dateUpdated": "2024-08-02T14:00:14.995Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-30798
Vulnerability from cvelistv5
Published
2023-04-21 15:27
Modified
2024-08-02 14:37
Severity ?
EPSS score ?
Summary
MultipartParser DOS with too many fields or files in Starlette Framework
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T14:37:15.397Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "vendor-advisory", "x_transferred" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-74m5-2c7w-9w3x" }, { "tags": [ "patch", "x_transferred" ], "url": "https://github.com/encode/starlette/commit/8c74c2c8dba7030154f8af18e016136bea1938fa" }, { "tags": [ "third-party-advisory", "x_transferred" ], "url": "https://vulncheck.com/advisories/starlette-multipartparser-dos" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://pypi.org/project/starlette/", "defaultStatus": "unaffected", "packageName": "starlette", "platforms": [ "all" ], "product": "Starlette", "repo": "https://github.com/encode/starlette", "vendor": "Encode", "versions": [ { "lessThan": "0.25.0", "status": "affected", "version": "0", "versionType": "python" } ] } ], "datePublic": "2023-04-20T13:17:00.000Z", "descriptions": [ { "lang": "en", "supportingMedia": [ { "base64": false, "type": "text/html", "value": "There MultipartParser usage in Encode\u0027s Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause excessive memory usage resulting in denial of service of the HTTP service." } ], "value": "There MultipartParser usage in Encode\u0027s Starlette python framework before versions 0.25.0 allows an unauthenticated and remote attacker to specify any number of form fields or files which can cause excessive memory usage resulting in denial of service of the HTTP service." } ], "impacts": [ { "capecId": "CAPEC-469", "descriptions": [ { "lang": "en", "value": "CAPEC-469 HTTP DoS" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS", "scenarios": [ { "lang": "en", "value": "GENERAL" } ] } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-04-21T15:27:47.358Z", "orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck" }, "references": [ { "tags": [ "vendor-advisory" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-74m5-2c7w-9w3x" }, { "tags": [ "patch" ], "url": "https://github.com/encode/starlette/commit/8c74c2c8dba7030154f8af18e016136bea1938fa" }, { "tags": [ "third-party-advisory" ], "url": "https://vulncheck.com/advisories/starlette-multipartparser-dos" } ], "source": { "discovery": "UNKNOWN" }, "title": "MultipartParser DOS with too many fields or files in Starlette Framework", "x_generator": { "engine": "Vulnogram 0.1.0-dev" } } }, "cveMetadata": { "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "assignerShortName": "VulnCheck", "cveId": "CVE-2023-30798", "datePublished": "2023-04-21T15:27:47.358Z", "dateReserved": "2023-04-18T10:31:45.962Z", "dateUpdated": "2024-08-02T14:37:15.397Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-47874
Vulnerability from cvelistv5
Published
2024-10-15 15:45
Modified
2024-10-15 16:24
Severity ?
EPSS score ?
Summary
Starlette Denial of service (DoS) via multipart/form-data
References
▼ | URL | Tags |
---|---|---|
https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw | x_refsource_CONFIRM | |
https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733 | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:encode:starlette:*:*:*:*:*:python:*:*" ], "defaultStatus": "unknown", "product": "starlette", "vendor": "encode", "versions": [ { "lessThan": "0.40.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 0, "baseSeverity": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-47874", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-15T16:23:43.595198Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-15T16:24:45.888Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "starlette", "vendor": "encode", "versions": [ { "status": "affected", "version": "\u003c 0.40.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.40.0, Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload arbitrary large form fields and cause Starlette to both slow down significantly due to excessive memory allocations and copy operations, and also consume more and more memory until the server starts swapping and grinds to a halt, or the OS terminates the server process with an OOM error. Uploading multiple such requests in parallel may be enough to render a service practically unusable, even if reasonable request size limits are enforced by a reverse proxy in front of Starlette. This Denial of service (DoS) vulnerability affects all applications built with Starlette (or FastAPI) accepting form requests. Verison 0.40.0 fixes this issue." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-770", "description": "CWE-770: Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-15T15:45:03.555Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/encode/starlette/security/advisories/GHSA-f96h-pmfr-66vw" }, { "name": "https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/encode/starlette/commit/fd038f3070c302bff17ef7d173dbb0b007617733" } ], "source": { "advisory": "GHSA-f96h-pmfr-66vw", "discovery": "UNKNOWN" }, "title": "Starlette Denial of service (DoS) via multipart/form-data" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-47874", "datePublished": "2024-10-15T15:45:03.555Z", "dateReserved": "2024-10-04T16:00:09.630Z", "dateUpdated": "2024-10-15T16:24:45.888Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
jvndb-2023-000056
Vulnerability from jvndb
Published
2023-05-30 13:34
Modified
2024-03-19 18:08
Severity ?
Summary
Starlette vulnerable to directory traversal
Details
Starlette provided by Encode contains a directory traversal vulnerability (CWE-22).
Masashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
{ "@rdf:about": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000056.html", "dc:date": "2024-03-19T18:08+09:00", "dcterms:issued": "2023-05-30T13:34+09:00", "dcterms:modified": "2024-03-19T18:08+09:00", "description": "Starlette provided by Encode contains a directory traversal vulnerability (CWE-22).\r\n\r\nMasashi Yamane of LAC Co., Ltd. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.", "link": "https://jvndb.jvn.jp/en/contents/2023/JVNDB-2023-000056.html", "sec:cpe": { "#text": "cpe:/a:encode:starlette", "@product": "Starlette", "@vendor": "Encode", "@version": "2.2" }, "sec:cvss": [ { "@score": "4.3", "@severity": "Medium", "@type": "Base", "@vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "@version": "2.0" }, { "@score": "3.7", "@severity": "Low", "@type": "Base", "@vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N", "@version": "3.0" } ], "sec:identifier": "JVNDB-2023-000056", "sec:references": [ { "#text": "http://jvn.jp/en/jp/JVN95981715/index.html", "@id": "JVN#95981715", "@source": "JVN" }, { "#text": "https://www.cve.org/CVERecord?id=CVE-2023-29159", "@id": "CVE-2023-29159", "@source": "CVE" }, { "#text": "https://nvd.nist.gov/vuln/detail/CVE-2023-29159", "@id": "CVE-2023-29159", "@source": "NVD" }, { "#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html", "@id": "CWE-22", "@title": "Path Traversal(CWE-22)" } ], "title": "Starlette vulnerable to directory traversal" }