exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2024-24762

около 2 лет назад

`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-24762

около 2 лет назад

`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.

CVSS3: 7.5

EPSS: Низкий

CVE-2024-24762

около 2 лет назад

`python-multipart` is a streaming multipart parser for Python. When us ...

CVSS3: 7.5

EPSS: Низкий

GHSA-2jv5-9r88-3w3p

почти 2 года назад

python-multipart vulnerable to Content-Type Header ReDoS

CVSS3: 7.5

EPSS: Низкий

BDU:2025-01435

около 2 лет назад

Уязвимость потокового многокомпонентного парсера python-multipart, связанная с неэффективной сложностью регулярных выражений, позволяющая нарушителю вызвать отказ в обслуживании

CVSS3: 7.5

EPSS: Низкий

ROS-20250203-09

около 1 года назад

Уязвимость python3-multipart

CVSS3: 7.5

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-24762 `python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.	CVSS3: 7.5	2% Низкий	около 2 лет назад
CVE-2024-24762 `python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Type` option that is very difficult for the RegEx to process, consuming CPU resources and stalling indefinitely (minutes or more) while holding the main event loop. This means that process can't handle any more requests, leading to regular expression denial of service. This vulnerability has been patched in version 0.0.7.	CVSS3: 7.5	2% Низкий	около 2 лет назад
CVE-2024-24762 `python-multipart` is a streaming multipart parser for Python. When us ...	CVSS3: 7.5	2% Низкий	около 2 лет назад
GHSA-2jv5-9r88-3w3p python-multipart vulnerable to Content-Type Header ReDoS	CVSS3: 7.5	2% Низкий	почти 2 года назад
BDU:2025-01435 Уязвимость потокового многокомпонентного парсера python-multipart, связанная с неэффективной сложностью регулярных выражений, позволяющая нарушителю вызвать отказ в обслуживании	CVSS3: 7.5	2% Низкий	около 2 лет назад
ROS-20250203-09 Уязвимость python3-multipart	CVSS3: 7.5	2% Низкий	около 1 года назад

Уязвимостей на страницу