More information about this security flaw is available in the following bug: https://bugzilla.redhat.com/show_bug.cgi?id=2329980 Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
In Fedora 41, the python-multipart package started to deliver https://pypi.org/project/multipart/, while the python-python-multipart package delivers https://pypi.org/project/python-multipart/. This CVE applies to the latter. Here in Fedora 40, this CVE is covered by https://bodhi.fedoraproject.org/updates/FEDORA-2024-ab8945c2bd.
FEDORA-2024-ab8945c2bd (python-multipart-0.0.19-1.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-ab8945c2bd
FEDORA-2024-ab8945c2bd (python-multipart-0.0.19-1.fc40) has been pushed to the Fedora 40 stable repository. If problem still persists, please make note of it in this bug report.