python-multipart

PyPI4 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting python-multipartpage 1 of 1

CVE-2024-24762HIGHCVSS 7.5EG 7.5✓ Fixed in 0.0.7
2024-02-05
vulnerable: 0.0.1 ... 0.0.6 (6 versions)
`python-multipart` is a streaming multipart parser for Python. When using form data, `python-multipart` uses a Regular Expression to parse the HTTP `Content-Type` header, including options. An attacker could send a custom-made `Content-Typ…
CVE-2024-53981HIGHCVSS 7.5EG 7.5✓ Fixed in 0.0.18
2024-12-02
vulnerable: 0.0.1 ... 0.0.9 (17 versions)
python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR \r or LF \n) in front of the first boundary and any tailing bytes after the last boundary. This happens one byte at…
CVE-2026-40347MEDIUMCVSS 5.3EG 5.3✓ Fixed in 0.0.26
2026-04-18
vulnerable: 0.0.1 ... 0.0.9 (25 versions)
Python-Multipart is a streaming multipart parser for Python. Versions prior to 0.0.26 have a denial of service vulnerability when parsing crafted `multipart/form-data` requests with large preamble or epilogue sections. Upgrade to version 0…
CVE-2026-42561HIGHCVSS 7.5EG 7.5✓ Fixed in 0.0.27
2026-05-13
vulnerable: 0.0.1 ... 0.0.9 (26 versions)
Python-Multipart is a streaming multipart parser for Python. Prior to 0.0.27, python-multipart has a denial of service vulnerability in multipart part header parsing. When parsing multipart/form-data, MultipartParser previously had no limi…

Check whether python-multipart is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for python-multipart CVEs against the assets you own.

Start Free Scan →