VYPR

PyPI package

multipart

pkg:pypi/multipart

Vulnerabilities (1)

  • CVE-2026-28356HigMar 12, 2026
    affected >= 1.3.0, < 1.3.1fixed 1.3.1

    multipart is a fast multipart/form-data parser for python. Prior to 1.2.2, 1.3.1 and 1.4.0-dev, the parse_options_header() function in multipart.py uses a regular expression with an ambiguous alternation, which can cause exponential backtracking (ReDoS) when parsing maliciously c