CVE-2023-29159

HIGH 7.5

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

0th

Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.

Vendor	encode
Product	starlette
Published	Jun 1, 2023
Last Updated	Jan 9, 2025

Stay Ahead of the Next One

Get instant alerts for encode starlette

Be the first to know when new high vulnerabilities affecting encode starlette are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Encode / Starlette

versions 0.13.5 and later and prior to 0.27.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/encode/starlette/security/advisories/GHSA-v5gw-mw7f-84px github.com: https://github.com/encode/starlette/releases/tag/0.27.0 jvn.jp: https://jvn.jp/en/jp/JVN95981715/