Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Ubuntu 22.04 24.04 Python Multipart Important Denial of Service USN-8027-1

ubuntu
Calendar Grey February 11, 2026
Dist Ubuntu Esm H88
Several security issues were fixed in Python-Multipart affecting Ubuntu 22.04 and 24.04 LTS with major updates necessary.
Several security issues were fixed in Python-Multipart.

Summary

Several security issues were fixed in Python-Multipart.

Software Description:

- python-multipart: A streaming multipart parser for Python.

Details:

It was discovered that Python-Multipart incorrectly handled certain

regular expressions. An attacker could possibly use this issue to cause

Python-Multipart to consume excessive resources, leading to a regular

expression denial of service. This issue only affected Ubuntu 22.04 LTS.

(CVE-2024-24762)

It was discovered that Python-Multipart did not properly sanitize line

breaks during user input. An attacker could use this issue to send

arbitrary input, thus preventing other requests from being processed,

resulting in a denial of service. This issue was only fixed in

Ubuntu 24.04 LTS. (CVE-2024-53981)

It was discovered that Python-Multipart was vulnerable to path traversal

attacks. An attacker could possibly craft and upload files outside the

target directory, resulting in remote code execution. (CVE-2026-24486)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  python3-multipart               0.0.9-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  python3-multipart               0.0.5-2ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8027-1

CVE-2024-24762, CVE-2024-53981, CVE-2026-24486

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8027-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here