Search for packages
| purl | pkg:pypi/quart@0.18.4 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-myg8-m4rh-ruae
Aliases: CVE-2024-49767 GHSA-q34m-jh98-gwm2 |
Werkzeug possible resource exhaustion when parsing file data in forms Applications using Werkzeug to parse `multipart/form-data` requests are vulnerable to resource exhaustion. A specially crafted form body can bypass the `Request.max_form_memory_size` setting. The `Request.max_content_length` setting, as well as resource limits provided by deployment software and platforms, are also available to limit the resources used during a request. This vulnerability does not affect those settings. All three types of limits should be considered and set appropriately when deploying an application. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T23:12:24.483414+00:00 | GitLab Importer | Affected by | VCID-myg8-m4rh-ruae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/quart/CVE-2024-49767.yml | 38.4.0 |
| 2026-04-12T00:30:51.982720+00:00 | GitLab Importer | Affected by | VCID-myg8-m4rh-ruae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/quart/CVE-2024-49767.yml | 38.3.0 |
| 2026-04-03T00:38:31.547969+00:00 | GitLab Importer | Affected by | VCID-myg8-m4rh-ruae | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/quart/CVE-2024-49767.yml | 38.1.0 |