Skip to main content

python-multipart CVE-2026-53539

| EUVDEUVD-2026-38322 HIGH
Uncontrolled Resource Consumption (CWE-400)
2026-06-15 https://github.com/Kludex/python-multipart GHSA-5rvq-cxj2-64vf
7.5
CVSS 3.1 · Vendor: https://github.com/Kludex/python-multipart
Share

Severity by source

Vendor (https://github.com/Kludex/python-multipart) PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
vuln.today AI
7.5 HIGH

Reachable over the network on default form endpoints with no auth or user interaction; availability-only impact via CPU exhaustion, no confidentiality or integrity effect.

3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
SUSE
HIGH
qualitative

Primary rating from Vendor (https://github.com/Kludex/python-multipart).

CVSS VectorVendor: https://github.com/Kludex/python-multipart

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

2
Source Code Evidence Fetched
Jun 15, 2026 - 20:53 vuln.today
Analysis Generated
Jun 15, 2026 - 20:53 vuln.today

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 4 pypi packages depend on python-multipart (4 direct, 0 indirect)

Ecosystem-wide dependent count for version 0.0.30.

DescriptionCVE.org

Summary

When parsing application/x-www-form-urlencoded bodies, QuerystringParser located the field separator with a two step lookup: it first scanned the entire remaining buffer for &, and only when no & existed anywhere ahead did it fall back to scanning for ;. For a body that uses ; as the separator and contains no &, every field iteration performed a full failed & scan over the entire remaining buffer before locating the nearby ;. With N semicolon separated fields in a chunk of size B, this yields O(B^2) byte comparisons per chunk.

An attacker can submit a small crafted body of the form a;a;a;... and cause the parser to spend seconds of CPU per request. A handful of concurrent requests can exhaust worker processes.

Details

In python_multipart/multipart.py, both the FIELD_NAME and FIELD_DATA states located the next separator like this:

python
sep_pos = data.find(b"&", i)
if sep_pos == -1:
    sep_pos = data.find(b";", i)

data.find(b"&", i) scans from i to the end of the buffer and returns -1 only when there is no & anywhere in the remainder. For a ; separated body with no &, this failed full buffer scan repeats once per field, making parsing quadratic in the body length.

For example, a 1 MiB url encoded body consisting of a; repeated ~500,000 times, submitted with Content-Type: application/x-www-form-urlencoded, causes the parser to perform on the order of 10^11 byte comparisons, consuming several seconds of CPU for a single request. Cost scales quadratically with chunk size.

The parser is reachable through the public QuerystringParser class and through the high level FormParser, create_form_parser, and parse_form APIs for url encoded bodies. It is also the parser Starlette and FastAPI use for application/x-www-form-urlencoded request bodies via request.form().

Impact

Uncontrolled CPU consumption (denial of service). Parsing is synchronous, so a single small crafted form body occupies the handling worker for seconds, blocking any other work on that worker until parsing finishes. Sustained concurrent requests keep workers continuously busy, degrading or denying service.

Mitigation

Upgrade to python-multipart 0.0.30 or later, which treats only & as a field separator (per the WHATWG URL standard) using a single bounded scan, making parsing linear in the body length.

AnalysisAI

Uncontrolled CPU consumption in python-multipart's QuerystringParser (versions <0.0.30) allows remote unauthenticated attackers to cause denial of service by submitting small crafted application/x-www-form-urlencoded bodies using semicolons as field separators. The two-step separator lookup degenerates into O(B²) byte comparisons, letting a ~1 MiB body burn seconds of CPU per request and exhaust workers in Starlette/FastAPI applications that call request.form(). No public exploit identified at time of analysis, though a clear proof-of-concept payload pattern (a;a;a;...) is described in the GHSA advisory.

Technical ContextAI

python-multipart is a streaming parser for multipart/form-data and application/x-www-form-urlencoded bodies, used as the default form parser by Starlette and FastAPI via request.form(). The flaw lives in python_multipart/multipart.py where the FIELD_NAME and FIELD_DATA state handlers call data.find(b"&", i) before falling back to data.find(b";", i); when the body uses only semicolons, the first call performs a full failed scan of the remaining buffer on every field iteration. This is a textbook CWE-400 (Uncontrolled Resource Consumption) algorithmic complexity attack - the per-chunk cost scales as O(B²) in body size B, which is amplified because parsing is synchronous and blocks the handling worker. The affected package is identified by pkg:pip/python-multipart and the fix (0.0.30) realigns behavior with the WHATWG URL standard by treating only & as the separator using a single bounded scan.

RemediationAI

Vendor-released patch: upgrade python-multipart to 0.0.30 or later, which uses a single bounded scan and only honors & as a field separator per the WHATWG URL standard, restoring linear-time parsing. Pin the constraint in requirements.txt/pyproject.toml (python-multipart>=0.0.30) and ensure transitive resolution in Starlette/FastAPI projects actually picks up the fix (verify with pip show python-multipart). If you cannot upgrade immediately, compensating controls include enforcing a tight maximum request body size at the reverse proxy or ASGI layer (e.g., nginx client_max_body_size, Uvicorn --limit-max-requests) to cap the quadratic cost, adding per-request CPU/time limits in the web server, or rejecting application/x-www-form-urlencoded bodies that contain semicolons before they reach the parser - note the last option will break any legitimate clients still sending semicolon-separated form data, though that pattern was deprecated by WHATWG. Refer to https://github.com/Kludex/python-multipart/security/advisories/GHSA-5rvq-cxj2-64vf for vendor guidance.

More in Python

View all
CVE-2025-24016 CRITICAL POC
9.9 Feb 10

Wazuh SIEM platform versions 4.4.0 through 4.9.0 contain an unsafe deserialization vulnerability in the DistributedAPI t

CVE-2025-27520 CRITICAL POC
9.8 Apr 04

BentoML version 1.4.2 and earlier contains an unauthenticated remote code execution vulnerability through insecure deser

CVE-2025-2945 CRITICAL POC
9.9 Apr 03

pgAdmin 4 contains critical remote code execution vulnerabilities in the Query Tool download and Cloud Deployment endpoi

CVE-2013-5093 MEDIUM POC
6.8 Sep 27

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python

CVE-2025-32375 CRITICAL POC
9.8 Apr 09

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. Rated critica

CVE-2014-0224 HIGH POC
7.4 Jun 05

OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCiph

CVE-2024-21644 HIGH POC
7.5 Jan 08

pyLoad download manager version prior to 0.5.0b3.dev77 exposes the Flask SECRET_KEY through an unauthenticated endpoint.

CVE-2017-9462 HIGH POC
8.8 Jun 06

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and conse

CVE-2026-39987 CRITICAL POC
9.3 Apr 08

Unauthenticated remote code execution in Marimo ≤0.20.4 allows attackers to execute arbitrary system commands via the `/

CVE-2024-21645 MEDIUM POC
5.3 Jan 08

pyLoad is the free and open-source Download Manager written in pure Python. Rated medium severity (CVSS 5.3), this vulne

CVE-2026-33017 CRITICAL POC
9.3 Mar 17

Langflow (a visual LLM pipeline builder) contains a critical unauthenticated code execution vulnerability (CVE-2026-3301

CVE-2026-55255 HIGH POC
8.4 Jun 19

Cross-user flow execution in Langflow (< 1.9.1) lets any authenticated API-key holder run another user's flow by passing

Vendor StatusVendor

SUSE

Severity: Important
Product Status
SUSE Linux Enterprise Server 16.0 Affected
SUSE Linux Enterprise Server 16.0 Affected
SUSE Linux Enterprise Server 16.1 Affected
SUSE Linux Enterprise Server for SAP applications 16.0 Affected
SUSE Linux Enterprise Server for SAP applications 16.1 Affected

Share

CVE-2026-53539 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy