pkg:PyPI/litestar

8 total CVEs: HIGH 6, MEDIUM 2

All known vulnerabilities

  • HIGH 8.3, CVE-2024-42370: Withdrawn Advisory: Litestar has an environment Variable injection in `docs-preview.yml` workflow
    from 0, <= 2.10.0
  • HIGH 8.2, CVE-2024-32982: Litestar and Starlite vulnerable to Path Traversal
    >= 2.8.0, < 2.8.3
  • HIGH 7.5, CVE-2025-59152: Litestar X-Forwarded-For Header Spoofing Vulnerability Enables Rate Limit Evasion
    >= 2.17.0, < 2.18.0
  • HIGH 7.5, CVE-2024-52581: Litestar allows unbounded resource consumption (DoS vulnerability)
    from 0, < 53c1473b5ff7502816a9a339ffc90731bb0c2138 | from 0, < 2.13.0
  • HIGH 7.5, CVE-2024-52581: Litestar allows unbounded resource consumption (DoS vulnerability)
    from 0, < 2.13.0
  • HIGH 7.4, CVE-2026-25478: Litestar's CORS origin allowlist has a bypass due to unescaped regex metacharacters in allowed origins
    >= 2.19.0, < 2.20.0
  • MEDIUM 6.5, CVE-2026-25480: Litestar's FileStore key canonicalization collisions allow response cache mixup/poisoning (ASCII ord + Unicode NFKD)
    >= 2.19.0, < 2.20.0
  • MEDIUM 6.5, CVE-2026-25479: Litestar's AllowedHosts has a validation bypass due to unescaped regex metacharacters in configured host patterns
    >= 2.19.0, < 2.20.0