rpm package
opensuse/python-python-multipart&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/python-python-multipart&distro=openSUSE%20Leap%2015.6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-24486 | — | < 0.0.9-150600.3.6.1 | 0.0.9-150600.3.6.1 | Jan 27, 2026 | Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on th | ||
| CVE-2024-53981 | Hig | 7.5 | < 0.0.9-150600.3.3.1 | 0.0.9-150600.3.3.1 | Dec 2, 2024 | python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR \r or LF \n) in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time, |
- CVE-2026-24486Jan 27, 2026affected < 0.0.9-150600.3.6.1fixed 0.0.9-150600.3.6.1
Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on th
- affected < 0.0.9-150600.3.3.1fixed 0.0.9-150600.3.3.1
python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR \r or LF \n) in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at a time and emits a log event each time,