pkg:PyPI/starlette

9 total CVEsHIGH4MEDIUM2LOW2

✅ Check your installed version

All known vulnerabilities

  • HIGH7.5CVE-2025-62727Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``
    >= 0.39.0, < 0.49.1
  • HIGH7.5CVE-2024-24762Duplicate Advisory: FastAPI Content-Type Header ReDoS
    from 0, < 0.36.2
  • HIGH7.5CVE-2023-30798MultipartParser denial of service with too many fields or files
    from 0, < 8c74c2c8dba7030154f8af18e016136bea1938fa | from 0, < 0.25.0
  • HIGH7.5CVE-2023-30798MultipartParser denial of service with too many fields or files
    from 0, < 0.25.0
  • MEDIUM6.5CVE-2026-48710BadHost: Missing Host header validation poisons request.url.path, bypassing path-based security checks
    from 0, < 1.0.1
  • MEDIUM5.3CVE-2025-54121Starlette has possible denial-of-service vector when parsing large files in multipart forms
    from 0, < 0.47.2
  • LOW3.7CVE-2023-29159Starlette has Path Traversal vulnerability in StaticFiles
    >= 0.13.5, < 0.27.0
  • LOW3.7CVE-2023-29159Starlette has Path Traversal vulnerability in StaticFiles
    >= 0.13.5, < 0.27.0
  • NONE0.0CVE-2024-47874Starlette Denial of service (DoS) via multipart/form-data
    from 0, < 0.40.0