Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing.

OSVersionArchitecturePackageVersionFilename
Fedora37anypython-aiohttp< 3.8.5UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Fedora	37	any	python-aiohttp	< 3.8.5	UNKNOWN

cbl_mariner 2

openvas 22

osv 18

nvd 1

alpinelinux 1

nessus 46

prion 1

fedora 7

github 2

redhatcve 1

hackerone 2

veracode 1

wolfi 1

cgr 1

debiancve 1

cvelist 1

ubuntucve 1

cve 1

ubuntu 1

almalinux 4

redhat 6

oraclelinux 4

ibm 14

rocky 2

mageia 1

nodejsblog 1

debian 1

photon 2

gentoo 1

ics 1

oracle 1

cbl_mariner

CVE-2023-30589 affecting package nodejs18 for versions less than 18.17.1-2

2023-09-27 18:02:50

CVE-2023-30589 affecting package nodejs for versions less than 16.20.1-2

2023-08-03 02:51:21

openvas

Fedora: Security Advisory for llhttp (FEDORA-2023-105880e618)

2023-08-17 00:00:00

Fedora: Security Advisory for python-aiohttp (FEDORA-2023-105880e618)

2023-08-17 00:00:00

Fedora: Security Advisory for python-aiohttp (FEDORA-2023-f75af676f2)

2023-08-08 00:00:00

osv

llhttp vulnerable to HTTP request smuggling

2023-07-01 00:30:46

CGA-vxm5-g5px-h6xx

2024-06-06 12:29:38

CVE-2023-30589

2023-07-01 00:15:10

nvd

CVE-2023-30589

2023-07-01 00:15:10

alpinelinux

CVE-2023-30589

2023-07-01 00:15:10

nessus

Fedora 39 : llhttp / python-aiohttp (2023-ad76deb86e)

2023-11-07 00:00:00

Fedora 38 : llhttp / python-aiohttp (2023-f75af676f2)

2023-08-07 00:00:00

Fedora 37 : llhttp / python-aiohttp (2023-105880e618)

2023-08-17 00:00:00

prion

Crlf injection

2023-07-01 00:15:00

fedora

[SECURITY] Fedora 37 Update: llhttp-8.1.1-1.fc37

2023-08-17 00:34:27

[SECURITY] Fedora 38 Update: llhttp-8.1.1-1.fc38

2023-08-07 01:27:34

[SECURITY] Fedora 38 Update: python-aiohttp-3.8.5-1.fc38

2023-08-07 01:27:35

github

llhttp vulnerable to HTTP request smuggling

2023-07-01 00:30:46

aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser

2023-07-20 14:52:00

redhatcve

CVE-2023-30589

2023-07-05 15:18:53

hackerone

Internet Bug Bounty: HTTP Request Smuggling via Empty headers separated by CR

2023-06-21 02:32:11

Node.js: HTTP Request Smuggling via Empty headers separated by CR

2023-05-25 13:38:29

veracode

HTTP Request Smuggling (HRS)

2023-07-23 04:52:48

wolfi

CVE-2023-30589 vulnerabilities

2024-09-30 09:32:54

cgr

CVE-2023-30589 vulnerabilities

2024-05-19 03:07:16

debiancve

CVE-2023-30589

2023-07-01 00:15:10

cvelist

CVE-2023-30589

2023-06-30 23:39:59

ubuntucve

CVE-2023-30589

2023-07-01 00:00:00

cve

CVE-2023-30589

2023-07-01 00:15:10

ubuntu

Node.js vulnerabilities

2024-04-16 00:00:00

almalinux

Moderate: nodejs:16 security, bug fix, and enhancement update

2023-08-08 00:00:00

Moderate: nodejs security, bug fix, and enhancement update

2023-07-31 00:00:00

Moderate: nodejs:18 security, bug fix, and enhancement update

2023-07-31 00:00:00

redhat

(RHSA-2023:4330) Moderate: nodejs:18 security, bug fix, and enhancement update

2023-07-31 08:54:02

(RHSA-2023:4331) Moderate: nodejs security, bug fix, and enhancement update

2023-07-31 08:55:53

(RHSA-2023:4537) Moderate: nodejs:16 security, bug fix, and enhancement update

2023-08-08 07:21:45

oraclelinux

nodejs:16 security, bug fix, and enhancement update

2023-08-10 00:00:00

18 security, bug fix, and enhancement update

2023-08-02 00:00:00

nodejs:18 security, bug fix, and enhancement update

2023-08-10 00:00:00

ibm

Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to several vulnerabilities in Node.js due to [CVE-2023-30581] [CVE-2023-30588] [CVE-2023-30589] [CVE-2023-30590]

2023-09-07 15:11:40

Security Bulletin: IBM DataPower Gateway vulnerable to multiple issues in Node.js

2023-10-13 12:54:24

Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Node.js

2023-08-01 09:43:58

rocky

nodejs:16 security, bug fix, and enhancement update

2023-08-08 12:34:39

nodejs:18 security, bug fix, and enhancement update

2023-10-06 23:10:12

mageia

Updated nodejs packages fix security vulnerability

2023-07-07 08:54:45

nodejsblog

Tuesday June 20 2023 Security Releases

2023-06-20 00:00:00

debian

[SECURITY] [DSA 5589-1] nodejs security update

2023-12-27 22:12:40

photon

Critical Photon OS Security Update - PHSA-2023-3.0-0606

2023-07-02 00:00:00

Important Photon OS Security Update - PHSA-2023-5.0-0041

2023-06-29 00:00:00

gentoo

Node.js: Multiple Vulnerabilities

2024-05-08 00:00:00

ics

Siemens SINEC NMS

2024-02-15 12:00:00

oracle

Oracle Critical Patch Update Advisory - October 2023

2023-10-17 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

AI Score

Confidence

High

EPSS

0.002

Percentile

58.0%

JSON

Related for FEDORA:2F23F2012DD3