Problem
root/requirements.txt pins python-multipart==0.0.9 which has a known high-severity ReDoS vulnerability (CVE-2024-47874) in Content-Type header parsing. This is a direct FastAPI dependency for file upload handling.
Fix
Upgrade to python-multipart>=0.0.12.
Files to Change
root/requirements.txt
Acceptance Criteria
python-multipart upgraded to 0.0.12+
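One way to check the acceptance criterion in CI, as an added example that is not part of the original issue or the project's code: it scans requirements text and reports any python-multipart line that still allows a release below 0.0.12. The names `check_requirements`, `MIN_FIXED` and `SAMPLE` are hypothetical, the sample input is constructed, and only numeric release versions are compared.

```python
import re

PACKAGE = "python-multipart"
MIN_FIXED = (0, 0, 12)  # floor taken from the issue's acceptance criterion

# Requirement name, optional [extras], then specifiers up to a ';' marker or '#' comment.
_REQ = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*([^;#]*)")
_SPEC = re.compile(r"(===|==|~=|>=|<=|!=|>|<)\s*([0-9]+(?:\.[0-9]+)*)")
_FLOOR_OPS = {"==", "===", "~=", ">=", ">"}


def _norm(name):
    """PEP 503 name normalisation, so python_multipart matches python-multipart."""
    return re.sub(r"[-_.]+", "-", name).lower()


def _ver(text):
    """Numeric release tuple padded to three parts: '0.1' -> (0, 1, 0)."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))


def check_requirements(text, package=PACKAGE, minimum=MIN_FIXED):
    """Return (line_no, line, reason) for each line that still allows a release below `minimum`."""
    findings, seen = [], False
    for no, raw in enumerate(text.splitlines(), 1):
        m = _REQ.match(raw)
        if not m or _norm(m.group(1)) != _norm(package):
            continue
        seen = True
        specs = _SPEC.findall(m.group(2))
        # Acceptable only when some specifier sets a floor at or above the minimum.
        if not any(op in _FLOOR_OPS and _ver(v) >= minimum for op, v in specs):
            floor = ".".join(map(str, minimum))
            findings.append((no, raw.strip(), f"no lower bound >= {floor}"))
    if not seen:
        findings.append((0, "", f"{package} not listed; version is left to the resolver"))
    return findings


# Constructed sample input, not the repository's real file.
SAMPLE = """\
fastapi==0.110.0
python-multipart==0.0.9
# python-multipart==0.0.5  (commented out, ignored)
python_multipart>=0.0.9,<0.1 ; python_version >= "3.8"
"""

if __name__ == "__main__":
    for no, line, reason in check_requirements(SAMPLE):
        print(f"line {no}: {line!r}: {reason}")
```

A range such as `>=0.0.9,<0.1` is reported because its lower bound still admits 0.0.9, even though newer releases also satisfy it.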