CVE-2023-29159

Source
https://cve.org/CVERecord?id=CVE-2023-29159
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29159.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-29159
Aliases
Downstream
Published
2023-06-01T00:00:00Z
Modified
2026-07-15T01:48:59.885473775Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.

Database specific
{
    "cna_assigner": "jpcert",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/29xxx/CVE-2023-29159.json",
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "versions 0.13.5 and later and prior to 0.27.0"
                },
                {
                    "last_affected": "versions 0.13.5 and later and prior to 0.27.0"
                }
            ]
        }
    ]
}
References

Affected packages

Git / github.com/kludex/starlette

Affected ranges

Type
GIT
Repo
https://github.com/kludex/starlette
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": "REFERENCES"
}

Affected versions

0.*
0.1.0
0.1.1
0.1.10
0.1.11
0.1.12
0.1.13
0.1.14
0.1.15
0.1.16
0.1.17
0.1.2
0.1.3
0.1.4
0.1.5
0.1.6
0.1.7
0.1.8
0.1.9
0.10.0
0.10.1
0.10.4
0.11.1
0.11.2
0.11.3
0.11.4
0.12.0
0.12.0.b1
0.12.0.b2
0.12.0.b3
0.12.11
0.12.12
0.12.13
0.12.2
0.12.3
0.12.4
0.12.5
0.12.6
0.12.7
0.12.8
0.12.9
0.13.0
0.13.1
0.13.2
0.13.3
0.13.4
0.13.5
0.13.6
0.13.7
0.13.8
0.14.0
0.14.1
0.14.2
0.15.0
0.16.0
0.17.0
0.17.1
0.18.0
0.19.0
0.19.1
0.2.1
0.2.2
0.2.3
0.20.0
0.20.1
0.20.2
0.20.3
0.20.4
0.21.0
0.22.0
0.23.0
0.23.1
0.24.0
0.25.0
0.26.0
0.26.0.post1
0.26.1
0.3.0
0.3.1
0.3.2
0.3.3
0.3.4
0.3.5
0.3.6
0.3.7
0.4.0
0.4.1
0.4.2
0.5.0
0.5.1
0.5.2
0.5.3
0.5.4
0.5.5
0.6.1
0.6.2
0.6.3
0.7.0
0.7.1
0.7.2
0.7.3
0.7.4
0.8.0
0.8.1
0.8.2
0.8.3
0.8.4
0.8.5
0.8.6
0.8.7
0.8.8
0.9.0
0.9.1
0.9.10
0.9.11
0.9.2
0.9.3
0.9.4
0.9.5
0.9.6
0.9.7
0.9.8
0.9.9

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29159.json"