litestar@2.1.0 vulnerabilities
Litestar - A production-ready, highly performant, extensible ASGI API Framework
-
latest version
2.13.0
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
4 days ago
-
licenses detected
- [0,)
Direct Vulnerabilities
Known vulnerabilities in the litestar package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling due to the lack of size limits or size checks when reading the request body into memory via await Note: All Litestar applications that process How to fix Allocation of Resources Without Limits or Throttling? Upgrade |
[,2.13.0)
|
litestar is a Litestar - A production-ready, highly performant, extensible ASGI API Framework Affected versions of this package are vulnerable to Path Traversal through the static content serving function. An attacker can gain unauthorized access to sensitive files outside the designated directories by exploiting path traversal flaws in the file path handling mechanism. Notes:
How to fix Path Traversal? Upgrade |
[2.0.0,2.6.4)
[2.7.0,2.7.2)
[2.8.0,2.8.3)
|