VulnerableCode Package Details - pkg:deb/debian/quart@0.18.3-2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/quart@0.18.3-2

Essentials
History (3)

purl	pkg:deb/debian/quart@0.18.3-2

Next non-vulnerable version	0.20.0-1
Latest non-vulnerable version	0.20.0-1
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-myg8-m4rh-ruae Aliases: CVE-2024-49767 GHSA-q34m-jh98-gwm2	Werkzeug possible resource exhaustion when parsing file data in forms Applications using Werkzeug to parse `multipart/form-data` requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the `Request.max_form_memory_size` setting. The `Request.max_content_length` setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application.	0.20.0-1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:45:11.656785+00:00	Debian Importer	Affected by	VCID-myg8-m4rh-ruae	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:44:44.579010+00:00	Debian Importer	Affected by	VCID-myg8-m4rh-ruae	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-08T19:49:23.336418+00:00	Debian Importer	Affected by	VCID-myg8-m4rh-ruae	https://security-tracker.debian.org/tracker/data/json	38.1.0