Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
light_mode
dark_mode
Vulnerabilities
search
All ecosystems
776052
AlmaLinux
5306
Alpaquita
11500
Alpine
4284
Android
3403
Azure Linux
12016
BellSoft Hardened Containers
579
Bitnami
8375
Chainguard
9421
CleanStart
1780
CRAN
14
crates.io
2573
Debian
59886
Echo
6725
GHC
3
GIT
94090
GitHub Actions
54
Go
8191
Hackage
32
Hex
191
Julia
1099
Linux
25421
Mageia
6026
Maven
6707
MinimOS
90191
npm
222699
NuGet
1773
opam
19
openEuler
7237
openSUSE
13525
OSS-Fuzz
3960
Packagist
6712
Pub
11
PyPI
23853
Red Hat
21334
Rocky Linux
3684
Root
17565
RubyGems
4565
SUSE
21541
SwiftURL
58
TuxCare
5651
Ubuntu
57418
VSCode
20
Wolfi
6560
ID
Packages
Summary
Published
arrow_upward
Attributes
PYSEC-2026-3036
PyPI/python-multipart
python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service
4 days ago
Fix available
Severity - 7.5 (High)
PYSEC-2026-3040
PyPI/python-multipart
python-multipart: Negative Content-Length in parse_form buffers the entire body in memory
4 days ago
Fix available
Severity - 3.7 (Low)
PYSEC-2026-3037
PyPI/python-multipart
python-multipart: Semicolon treated as querystring field separator enables parameter smuggling
4 days ago
Fix available
Severity - 3.7 (Low)
PYSEC-2026-3041
PyPI/python-multipart
python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
4 days ago
Fix available
Severity - 3.7 (Low)
PYSEC-2026-3039
PyPI/python-multipart
python-multipart has Denial of Service via unbounded multipart part headers
4 days ago
Fix available
Severity - 7.5 (High)
PYSEC-2026-3038
PyPI/python-multipart
python-multipart affected by Denial of Service via large multipart preamble or epilogue data
4 days ago
Fix available
Severity - 5.3 (Medium)
PYSEC-2026-1852
PyPI/python-multipart
Python-Multipart has Arbitrary File Write via Non-Default Configuration
07 Jul
Fix available
Severity - 8.6 (High)
PYSEC-2026-1851
PyPI/python-multipart
Denial of service (DoS) via deformation
`
multipart/form-data
`
boundary
07 Jul
Fix available
Severity - 8.7 (High)
PYSEC-2026-1850
PyPI/python-multipart
python-multipart vulnerable to Content-Type Header ReDoS
07 Jul
Fix available
Severity - 7.5 (High)
GHSA-5rvq-cxj2-64vf
PyPI/python-multipart
python-multipart: Quadratic-time querystring parsing with semicolon separators causes CPU denial of service
15 Jun
Fix available
Severity - 7.5 (High)
GHSA-v9pg-7xvm-68hf
PyPI/python-multipart
python-multipart: Negative Content-Length in parse_form buffers the entire body in memory
15 Jun
Fix available
Severity - 3.7 (Low)
GHSA-6jv3-5f52-599m
PyPI/python-multipart
python-multipart: Semicolon treated as querystring field separator enables parameter smuggling
15 Jun
Fix available
Severity - 3.7 (Low)
GHSA-vffw-93wf-4j4q
PyPI/python-multipart
python-multipart: Content-Disposition parameter smuggling via RFC 2231/5987 extended parameters
15 Jun
Fix available
Severity - 3.7 (Low)
GHSA-pp6c-gr5w-3c5g
PyPI/python-multipart
python-multipart has Denial of Service via unbounded multipart part headers
06 May
Fix available
Severity - 7.5 (High)
GHSA-mj87-hwqh-73pj
PyPI/python-multipart
python-multipart affected by Denial of Service via large multipart preamble or epilogue data
15 Apr
Fix available
Severity - 5.3 (Medium)
GHSA-wp53-j4wj-2cfg
PyPI/python-multipart
Python-Multipart has Arbitrary File Write via Non-Default Configuration
26 Jan
Fix available
Severity - 8.6 (High)
Load more...
(1 page left)
PyPI - OSV