Fedora 42 python-python-multipart Critical Fix for Arbitrary File Write
fedora
February 4, 2026
Security fix for CVE-2026-24486 / GHSA-wp53-j4wj-2cfg
Summary
Python-Multipart is a streaming multipart parser for Python.
Update Information:
Security fix for CVE-2026-24486 / GHSA-wp53-j4wj-2cfg. 0.0.22 (2026-01-25) Drop directory path from filename in File
Change Log
* Sun Jan 25 2026 Packit
References
[ 1 ] Bug #2432631 - python-python-multipart-0.0.22 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2432631
[ 2 ] Bug #2433374 - CVE-2026-24486 python-python-multipart: Python-Multipart has Arbitrary File Write via Non-Default Configuration [fedora-42]
https://bugzilla.redhat.com/show_bug.cgi?id=2433374
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-720b8d0c6c' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Name: python-python-multipart
Product: Fedora 42
Version: 0.0.22
Release: 1.fc42
Summary: A streaming multipart parser for Python
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!