CVE-2023-29159

Summary

Directory traversal vulnerability in Starlette versions 0.13.5 and later and prior to 0.27.0 allows a remote unauthenticated attacker to view files in a web service which was built using Starlette.

Affected Software

VendorProductVersion RangeStatus
EncodeStarletteversions 0.13.5 and later and prior to 0.27.0affected

Weaknesses

  • Directory traversal

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

References