Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-7f5h-v6xp-fcq8
  • PyPI/starlette
 Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse`` 28 Oct 2025
  • Fix available
  • Severity - 7.5 (High)
GHSA-2c2j-9gv5-cj73
  • PyPI/starlette
 Starlette has possible denial-of-service vector when parsing large files in multipart forms 21 Jul 2025
  • Fix available
  • Severity - 5.3 (Medium)
GHSA-f96h-pmfr-66vw
  • PyPI/starlette
 Starlette Denial of service (DoS) via multipart/form-data 15 Oct 2024
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2023-83
  • PyPI/starlette
 See record for full details 01 Jun 2023
  • Fix available
GHSA-v5gw-mw7f-84px
  • PyPI/starlette
 Starlette has Path Traversal vulnerability in StaticFiles 17 May 2023
  • Fix available
  • Severity - 6.3 (Medium)
PYSEC-2023-48
  • PyPI/starlette
  • github.com/encode/starlette
 See record for full details 21 Apr 2023
  • Fix available
GHSA-74m5-2c7w-9w3x
  • PyPI/starlette
 MultipartParser denial of service with too many fields or files 14 Feb 2023
  • Fix available
  • Severity - 8.7 (High)