Detections
Analytics
Fedora 38 : python-fastapi / python-multipart (2024-09c7f715c9)
high Nessus Plugin ID 192053
Language:
Synopsis
The remote Fedora host is missing one or more security updates.Description
The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-09c7f715c9 advisory.- ## `python-multipart` 0.0.7 (2024-02-03) * Refactor header option parser to use the standard library instead of a custom RegEx [#75](https://github.com/andrew-d/python-multipart/pull/75). Fixes a denial of service vulnerability, [GHSA-qf9m-vfgh-m389](https://github.com/tiangolo/fastapi/security/advisories/GHSA- qf9m-vfgh-m389), initially reported in FastAPI but applicable to other libraries and applications.
(FEDORA-2024-09c7f715c9)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
Solution
Update the affected python-fastapi and / or python-multipart packages.See Also
https://bodhi.fedoraproject.org/updates/FEDORA-2024-09c7f715c9
Plugin Details
Severity: High
ID: 192053
File Name: fedora_2024-09c7f715c9.nasl
Version: 1.0
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 3/13/2024
Updated: 3/13/2024
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Vulnerability Information
CPE: cpe:/o:fedoraproject:fedora:38, p-cpe:/a:fedoraproject:fedora:python-fastapi, p-cpe:/a:fedoraproject:fedora:python-multipart
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 3/5/2024
Vulnerability Publication Date: 3/5/2024
Reference Information
FEDORA: 2024-09c7f715c9