VYPR

PyPI package

starlite

pkg:pypi/starlite

Vulnerabilities (3)

  • CVE-2024-52581Nov 20, 2024
    affected <= 1.51.16

    Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the total size of the request body. This allow

  • CVE-2024-32982HigMay 6, 2024
    affected >= 1.37.0, < 1.51.16fixed 1.51.16

    Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vulnerability allows attackers to exploit pa

  • CVE-2023-25578Feb 15, 2023
    affected < 1.51.2fixed 1.51.2

    Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited numb