Skip to main content

Starlette CVE-2026-48817

MEDIUM
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') (CWE-470)
2026-06-15 https://github.com/Kludex/starlette GHSA-x746-7m8f-x49c
5.3
CVSS 3.1 · Vendor: https://github.com/Kludex/starlette
Share

Severity by source

Vendor (https://github.com/Kludex/starlette) PRIMARY
5.3 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
vuln.today AI
6.5 MEDIUM

Network vector and no auth required; confidentiality raised to Low because bypassing authorization on internal methods can expose sensitive data, contradicting the C:N in the NVD vector.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
SUSE
MEDIUM
qualitative
Red Hat
5.3 MEDIUM
qualitative

Primary rating from Vendor (https://github.com/Kludex/starlette).

CVSS VectorVendor: https://github.com/Kludex/starlette

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 15, 2026 - 20:51 vuln.today
Analysis Generated
Jun 15, 2026 - 20:51 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 10 pypi packages depend on starlette (9 direct, 1 indirect)

Ecosystem-wide dependent count for version 1.1.0.

DescriptionCVE.org

Summary

When dispatching a request, HTTPEndpoint selects the handler by lowercasing the HTTP method and looking it up as an attribute with getattr, without restricting the lookup to a known set of HTTP verbs.

When an HTTPEndpoint subclass is registered through Route(...) without an explicit methods= argument, the route does not constrain the method and every method reaches the endpoint. If a non-standard HTTP method whose lowercased name matches an attribute on the endpoint subclass reaches the endpoint, that attribute is invoked as if it were a request handler. An attacker can use this to reach methods that were never meant to be HTTP handlers, such as internal helpers, without the authorization checks applied by the intended public handler.

Details

HTTPEndpoint uses the client-supplied method name to resolve an instance attribute, without validating it against the set of HTTP verbs the endpoint supports. A method such as _DO_DELETE therefore resolves an attribute like _do_delete and invokes it. Non-standard methods are valid RFC 9110 token methods, so an endpoint must not treat the method name as a trusted attribute selector.

Impact

An application is affected when all of the following hold:

  • It defines an HTTPEndpoint subclass and registers it via Route(...) without an explicit methods= argument.
  • The subclass defines additional methods whose names match a non-standard HTTP-method token shape and that accept a single request argument and return a response.

This also affects frameworks built on Starlette, like FastAPI.

Mitigation

Register HTTPEndpoint subclasses with an explicit methods= argument on the Route, listing only the HTTP verbs the endpoint supports. The route then rejects any other method with 405 Method Not Allowed before it reaches the endpoint, so non-standard methods cannot resolve an attribute.

AnalysisAI

Starlette's HTTPEndpoint dispatcher allows remote unauthenticated attackers to invoke arbitrary internal Python instance methods as HTTP handlers by sending non-standard HTTP method names that resolve to endpoint attributes via getattr, effectively circumventing authorization logic guarding intended public handlers. Applications built on Starlette - including FastAPI - are affected when HTTPEndpoint subclasses are registered via Route(...) without an explicit methods= argument and those subclasses expose internal methods whose lowercased names match non-standard HTTP token shapes. No public exploit or active exploitation has been identified at time of analysis; a vendor-released patch is available in starlette 1.1.0.

Technical ContextAI

Starlette (pip/starlette) is a lightweight ASGI web framework for Python, used directly and as the foundation for FastAPI. The affected component is HTTPEndpoint, which dispatches incoming HTTP requests by calling getattr(self, request.method.lower()) to resolve the handler. This pattern is a textbook instance of CWE-470 (Use of Externally-Controlled Input to Select Classes or Code), where client-supplied data - here the HTTP method string - directly controls which code path is executed without validation against an allowlist. RFC 9110 permits arbitrary token strings as HTTP method names, meaning browsers, curl, and custom HTTP clients can legally transmit methods like _DO_DELETE, which Starlette silently lowercases to _do_delete and resolves as an instance attribute. When a Route is registered without the methods= parameter, Starlette applies no method-level filtering prior to dispatching, so the getattr lookup occurs against the full attribute namespace of the endpoint class, not just its declared HTTP verb handlers.

RemediationAI

Vendor-released patch: starlette 1.1.0. Upgrade the starlette package to version 1.1.0 or later via pip install --upgrade starlette; FastAPI users should verify their starlette dependency is updated to 1.1.0 as well. For applications that cannot immediately upgrade, the complete and effective workaround is to add an explicit methods= argument to every Route(...) registration that uses an HTTPEndpoint subclass - for example, Route('/resource', MyEndpoint, methods=['GET', 'POST']). This causes Starlette to return 405 Method Not Allowed before the getattr dispatch occurs, fully blocking the attack path with no functional side effects for compliant clients. Adding methods= is best practice regardless of patching status and is recommended as a defense-in-depth measure even after upgrading. Advisory and fix details are at https://github.com/Kludex/starlette/security/advisories/GHSA-x746-7m8f-x49c.

Vendor StatusVendor

SUSE

Severity: Moderate
Product Status
SUSE Linux Enterprise Server 16.0 Affected
SUSE Linux Enterprise Server 16.0 Affected
SUSE Linux Enterprise Server 16.1 Affected
SUSE Linux Enterprise Server for SAP applications 16.0 Affected
SUSE Linux Enterprise Server for SAP applications 16.1 Affected

Share

CVE-2026-48817 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy