CVE-2024-53981
published 2024-12-02


Priority: P3 (39)
Severity: high, 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.64% (46.2th percentile)
python-multipart is a streaming multipart parser for Python. When parsing form data, python-multipart skips line breaks (CR \r or LF \n) in front of the first boundary and any trailing bytes after the last boundary. This happens one byte at a time and emits a log event for each byte, which may cause excessive logging for certain inputs. An attacker could abuse this by sending a malicious request with a large amount of data before the first or after the last boundary, causing high CPU load and stalling the processing thread for a significant amount of time. In the case of an ASGI application, this could stall the event loop and prevent other requests from being processed, resulting in a denial of service (DoS). This vulnerability is fixed in 0.0.18.
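The per-byte skip and its bulk replacement, as an added example for this advisory (not python-multipart's own code; the function names, the logger name and the constructed request body are this example's own), together with a check of an upstream version string against the 0.0.18 fix line listed under Affected:

```python
# Added example for CVE-2024-53981 (not python-multipart's own code): a model of
# the per-byte skip with one log event per byte, beside a bulk skip that logs at
# most once, plus an upstream version check. All names here are this example's own.
import logging
import re
from typing import Tuple

log = logging.getLogger("multipart_demo")
log.addHandler(logging.NullHandler())  # keep the demo quiet; events are still emitted
log.propagate = False

FIXED_VERSION = (0, 0, 18)  # first upstream release with the fix


def skip_prefix_per_byte(data: bytes) -> Tuple[int, int]:
    """Model of the pre-0.0.18 pattern: consume one CR/LF byte per loop iteration
    and emit one log event per byte. Returns (offset of first non-line-break byte,
    number of log events emitted)."""
    offset = 0
    events = 0
    while offset < len(data) and data[offset] in b"\r\n":
        log.warning("Skipping line break before first boundary: %r", data[offset:offset + 1])
        events += 1
        offset += 1
    return offset, events


def skip_prefix_bulk(data: bytes) -> Tuple[int, int]:
    """Hardened pattern: measure the whole run of line breaks once and log at most
    once, so the work per request is a single regex match instead of N log calls."""
    offset = re.match(rb"[\r\n]*", data).end()
    events = 0
    if offset:
        log.warning("Skipped %d line-break bytes before first boundary", offset)
        events = 1
    return offset, events


def build_padded_body(boundary: bytes, padding: int, newline: bytes = b"\n") -> bytes:
    """Constructed attacker-style body: `padding` line breaks before the first
    boundary delimiter, followed by a minimal single-part multipart body."""
    return (newline * padding
            + b"--" + boundary + b"\r\n"
            + b'Content-Disposition: form-data; name="f"\r\n\r\n'
            + b"x\r\n"
            + b"--" + boundary + b"--\r\n")


def parse_upstream_version(version: str) -> Tuple[int, ...]:
    """Parse an upstream python-multipart version ('0.0.17') into a tuple.
    Distribution versions carrying a backported fix (e.g. '0.0.5-2ubuntu0.1~esm1')
    must be compared against the distro rows in the Affected table instead."""
    return tuple(int(part) for part in re.findall(r"\d+", version)[:3])


def is_vulnerable_upstream(version: str) -> bool:
    """True when an upstream version is below the fixed release 0.0.18."""
    return parse_upstream_version(version) < FIXED_VERSION


if __name__ == "__main__":
    body = build_padded_body(b"boundary", 100_000)
    print("per-byte skip (offset, log events):", skip_prefix_per_byte(body))
    print("bulk skip     (offset, log events):", skip_prefix_bulk(body))
    for v in ("0.0.17", "0.0.18", "0.0.20"):
        print(v, "vulnerable" if is_vulnerable_upstream(v) else "fixed")
```

The event count is the point: with the per-byte model every padding byte costs a log call (formatting, handler dispatch, possibly I/O), so a request body of a few megabytes of newlines ties up the worker for the whole run; the bulk version does the same skip in one match and one log line. The same idea applies to the trailing bytes after the last boundary.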

Affected

7 ranges

Vendor   Product           Version range                   Fixed in
debian   python-multipart  < 0.0.20-1 (forky)              0.0.20-1 (forky)
kludex   python-multipart  < 0.0.18                        0.0.18
kludex   python-multipart  >= 0, < 0.0.20-1                0.0.20-1
kludex   python-multipart  >= 0, < 0.0.20-1                0.0.20-1
kludex   python-multipart  >= 0, < 0.0.18                  0.0.18
kludex   python-multipart  >= 0, < 0.0.5-2ubuntu0.1~esm1   0.0.5-2ubuntu0.1~esm1
kludex   python-multipart  >= 0, < 0.0.9-1ubuntu0.1~esm1   0.0.9-1ubuntu0.1~esm1

CVSS provenance

Source         CVSS version  Score  Severity  Vector
nvd            v3.1          7.5    HIGH      CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv            -             7.5    HIGH      -
vendor_debian  -             7.5    HIGH      -
vendor_redhat  -             7.5    HIGH      -
vendor_ubuntu  -             7.5    HIGH      -