1086 matches found
GHSA-RWQR-C348-M5WR Withdrawn: Denial of Service in aiohttp
Withdrawn This advisory has been withdrawn because the maintainers of aiohttp and multiple third parties disputed the validity of the issue. There is not sufficient evidence for the claims in the original report. Original Description aiohttp v3.8.1 was discovered to contain an invalid IPv6 URL...
Withdrawn: Denial of Service in aiohttp
Withdrawn This advisory has been withdrawn because the maintainers of aiohttp and multiple third parties disputed the validity of the issue. There is not sufficient evidence for the claims in the original report. Original Description aiohttp v3.8.1 was discovered to contain an invalid IPv6 URL...
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
Design/Logic Flaw
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
PYSEC-2022-43059
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
PYSEC-2022-43059
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
aiohttp 安全漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python. aiohttp version v3.8.1 has a denial of service vulnerability that stems from failure to properly handle incoming error messages, which could be exploited by an attacker to cause a denial of service of the...
CVE-2022-33124
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service DoS. NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the...
CVE-2022-33124
CVE-2022-33124 (aiohttp 3.8.1): A denial of service can occur via an invalid IPv6 URL that triggers a ValueError, as reported in multiple sources. The IBM Cloud Pak for Watson AIOps bulletin lists CVE-2022-33124 with a CVSS base score of 5.5 (3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) and notes tha...
PT-2022-21701 · Aiohttp · Aiohttp
Name of the Vulnerable Software and Affected Versions: AIOHTTP version 3.8.1 Description: The issue concerns a potential Denial of Service DoS due to an invalid IPv6 URL, which can lead to a "ValueError: Invalid IPv6 URL" outcome. However, multiple third parties dispute this issue, citing a lack ...
USN-5386-1: AIOHTTP vulnerability
Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks...
USN-5386-1 python-aiohttp vulnerability
Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks...
AIOHTTP < 3.7.4 Open Redirect Vulnerability
According to its self-reported version, the AIOHTTP server hosted on the remote host is prior to version 3.7.4. It is, therefore, affected by a open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the clients browser to a different website. Note th...
NTLMRecon - Enumerate Information From NTLM Authentication Enabled Web Endpoints
A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibilty in mind. Need to run recon on a single URL, an IP address, an...
Mageia: Security Advisory (MGASA-2021-0161)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
aiohttp-init (=0.0.1), airhttprunner (>=3.1.4 <=3.1.6) +152 more potentially affected by CVE-2022-0338 via loguru (>=0.2.4 <=0.5.2)
loguru PYPI version =0.2.4, =3.1.4, =0.1.5, =0.1.1, =2.0.0, =0.2.3, =4.6.4, =2.3.2, =0.39.0, =0.52.0 and more Source cves: CVE-2022-0338 Source advisory: OSV:PYSEC-2022-14...
ROS-2-435
2.435 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions.Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...