starlite

PyPI3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting starlitepage 1 of 1

CVE-2023-25578HIGHCVSS 7.5EG 7.5✓ Fixed in 1.51.2
2023-02-15
vulnerable: 0.0.1a0 ... 1.9.1 (127 versions)
Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 1.5.2, the request body parsing in `starlite` allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipar…
CVE-2024-32982HIGHCVSS 8.2EG 8.2✓ Fixed in 1.51.16
2024-05-06
vulnerable: 1.37.0 ... 1.51.9 (36 versions)
Litestar and Starlite is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to 2.8.3, 2.7.2, and 2.6.4, a Local File Inclusion (LFI) vulnerability has been discovered in the static file serving component of LiteStar. This vul…
CVE-2024-52581HIGHCVSS 7.5EG 7.5
2024-11-20
vulnerable: 0.0.1a0 ... 1.9.1 (142 versions)
Litestar is an Asynchronous Server Gateway Interface (ASGI) framework. Prior to version 2.13.0, the multipart form parser shipped with litestar expects the entire request body as a single byte string and there is no default limit for the t…

Check whether starlite is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for starlite CVEs against the assets you own.

Start Free Scan →