PyPI / starlette

Modified: 10/28/2024

Modified: 11/8/2023

BadHost: Missing Host header validation poisons request.url.path, bypassing path-based security checks

Modified: 5/26/2026

Starlette has possible denial-of-service vector when parsing large files in multipart forms

Modified: 2/4/2026

MultipartParser denial of service with too many fields or files

Modified: 3/16/2026

Starlette vulnerable to O(n^2) DoS via Range header merging in ``starlette.responses.FileResponse``

Modified: 5/11/2026

Starlette Denial of service (DoS) via multipart/form-data

Modified: 2/4/2026

Starlette has Path Traversal vulnerability in StaticFiles

Modified: 3/13/2026