Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-vxqx-rh46-q2pg
  • PyPI/litestar
Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD) 09 Feb
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-93ph-p7v4-hwh4
  • PyPI/litestar
Litestar's AllowedHosts has a validation bypass due to unescaped regex metacharacters in configured host patterns 09 Feb
  • Fix available
  • Severity - 6.5 (Medium)
GHSA-2p2x-hpg8-cqp2
  • PyPI/litestar
Litestar's CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins 09 Feb
  • Fix available
  • Severity - 7.4 (High)
GHSA-hm36-ffrh-c77c
  • PyPI/litestar
Litestar X-Forwarded-For Header Spoofing Vulnerability Enables Rate Limit Evasion 06 Oct 2025
  • Fix available
  • Severity - 7.5 (High)
GHSA-674p-xv2x-rf3g
  • PyPI/litestar
Litestar has potential log injection in exception logging 11 Aug 2025
  • Fix available
  • Severity - 3.7 (Low)
GHSA-gjcc-jvgw-wvwj
  • PyPI/litestar
  • PyPI/starlite
Litestar allows unbounded resource consumption (DoS vulnerability) 20 Nov 2024
  • Fix available
  • Severity - 8.2 (High)
PYSEC-2024-178
  • PyPI/litestar
  • github.com/litestar-org/litestar
See record for full details 20 Nov 2024
  • Fix available
  • Severity - 7.5 (High)
GHSA-83pv-qr33-2vcf
  • PyPI/litestar
  • PyPI/starlite
Litestar and Starlite vulnerable to Path Traversal 06 May 2024
  • Fix available
  • Severity - 8.2 (High)