rpm package
opensuse/python-starlette&distro=openSUSE Leap 15.6
pkg:rpm/opensuse/python-starlette&distro=openSUSE%20Leap%2015.6
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-54121 | Med | 5.3 | < 0.35.1-150600.3.6.1 | 0.35.1-150600.3.6.1 | Jul 21, 2025 | Starlette is a lightweight ASGI (Asynchronous Server Gateway Interface) framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files (greater than the default max spool size) starlette will bl | |
| CVE-2024-47874 | Hig | — | < 0.35.1-150600.3.3.1 | 0.35.1-150600.3.3.1 | Oct 15, 2024 | Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.40.0, Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload a |
- affected < 0.35.1-150600.3.6.1fixed 0.35.1-150600.3.6.1
Starlette is a lightweight ASGI (Asynchronous Server Gateway Interface) framework/toolkit, designed for building async web services in Python. In versions 0.47.1 and below, when parsing a multi-part form with large files (greater than the default max spool size) starlette will bl
- affected < 0.35.1-150600.3.3.1fixed 0.35.1-150600.3.3.1
Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit. Prior to version 0.40.0, Starlette treats `multipart/form-data` parts without a `filename` as text form fields and buffers those in byte strings with no size limit. This allows an attacker to upload a