
1147 matches found

Redos
added 2021/09/08 12:0 a.m., 34 views

ROS-2-792

2.792 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...

CVSS 6.1, AI score 6.8, EPSS 0.01905
Exploits: 0
OpenVAS
added 2021/06/09 12:0 a.m., 13 views

SUSE: Security Advisory (SUSE-SU-2021:1313-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1, AI score 6.4, EPSS 0.01905
Exploits: 0, References: 2
Tenable Nessus
added 2021/06/04 12:0 a.m., 27 views

FreeBSD : aiohttp -- open redirect vulnerability (3000acee-c45d-11eb-904f-14dae9d5a9d2)

Sviatoslav Sydorenko reports: Open redirect vulnerability -- a maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the aiohttp.web_middlewares.normalize_path_middleware middleware. %NASLMINLEVEL 70300 C Tenable Network...

CVSS 6.1, AI score 6.9, EPSS 0.01905
Exploits: 0, References: 3
OpenVAS
added 2021/05/27 12:0 a.m., 16 views

Fedora: Security Advisory for python-databases (FEDORA-2021-e7fabd81fb)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.5, AI score 7.6, EPSS 0.00967
Exploits: 0, References: 2
OSV
added 2021/04/26 7:12 a.m., 5 views

SUSE-SU-2021:1313-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2021-21330: Fixed the way pure-Python HTTP parser interprets // bsc1184745...

CVSS 6.1, AI score 6.6, EPSS 0.01905
Exploits: 0, References: 3
Mageia
added 2021/03/30 8:8 p.m., 40 views

Updated python-aiohttp package fixes security vulnerability

Beast Glatisant and Jelmer Vernooij reported that python-aiohttp is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website CVE-2021-21330...

CVSS 6.1, AI score 2, EPSS 0.01905
Exploits: 0, References: 3
OSV
added 2021/03/30 8:8 p.m., 5 views

MGASA-2021-0161 Updated python-aiohttp package fixes security vulnerability

Beast Glatisant and Jelmer Vernooij reported that python-aiohttp is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website CVE-2021-21330...

CVSS 6.1, AI score 6.4, EPSS 0.01905
Exploits: 0, References: 4
BDU FSTEC
added 2021/03/22 12:0 a.m., 3 views

The vulnerability of the aiohttp HTTP client, related to the redirection of URLs to unreliable websites, allows attackers to carry out phishing attacks.

The vulnerability of the aiohttp HTTP client is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a remote attacker to carry out phishing attacks using a specially created link...

CVSS 5.8, AI score 7, EPSS 0.01905
Exploits: 0, References: 15, Affected Software: 5
Kitploit
added 2021/03/08 11:30 a.m., 25 views

Sub404 - A Python Tool To Check Subdomain Takeover Vulnerability

Sub 404 is a tool written in Python which is used to check the possibility of subdomain takeover vulnerability, and it is fast as it is asynchronous. Why: During the recon process you might get a lot of subdomains, e.g. more than 10k. It is not possible to test each manually or with traditional requests or...

AI score 7.3
Exploits: 0, References: 6
Tenable Nessus
added 2021/03/08 12:0 a.m., 36 views

Fedora 33 : python-aiohttp (2021-673b10ed77)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-673b10ed77 advisory. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect...

CVSS 6.1, AI score 7, EPSS 0.01905
Exploits: 0, References: 2
OpenVAS
added 2021/03/08 12:0 a.m., 25 views

Fedora: Security Advisory for python-aiohttp (FEDORA-2021-673b10ed77)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 6.1, AI score 6.4, EPSS 0.01905
Exploits: 0, References: 2
Fedora
added 2021/03/07 1:53 p.m., 53 views

[SECURITY] Fedora 33 Update: python-aiohttp-3.7.4-1.fc33

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

CVSS 6.1, AI score 1.5, EPSS 0.01905
Exploits: 0
RedhatCVE
added 2021/03/02 5:3 p.m., 30 views

CVE-2021-21330

An open redirect flaw was found in python-aiohttp. This flaw allows a remote, unauthenticated attacker to trick users into visiting a malicious webpage, disguised as a legitimate webpage, and affects applications using the normalize_path_middleware functionality. The highest threat from this...

CVSS 8.2, AI score 4.7, EPSS 0.01905
Exploits: 0, References: 4
Veracode
added 2021/03/01 7:45 a.m., 21 views

Open Redirection

aiohttp is vulnerable to open redirection. An attacker is able to redirect a user to a malicious website using a malicious link due to a URL validation bug in the aiohttp.web_middlewares.normalize_path_middleware middleware...

CVSS 6.1, AI score 1.6, EPSS 0.01905
Exploits: 0, References: 10, Affected Software: 2
Tenable Nessus
added 2021/03/01 12:0 a.m., 22 views

Debian DSA-4864-1 : python-aiohttp - security update

Beast Glatisant and Jelmer Vernooij reported that python-aiohttp, an async HTTP client/server framework, is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. C Tenable Network Security, Inc. The...

CVSS 6.1, AI score 7, EPSS 0.01905
Exploits: 0, References: 4
OpenVAS
added 2021/02/28 12:0 a.m., 22 views

Debian: Security Advisory (DSA-4864-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 6.1, AI score 6.3, EPSS 0.01905
Exploits: 0, References: 4
Debian
added 2021/02/27 8:32 a.m., 37 views

[SECURITY] [DSA 4864-1] python-aiohttp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4864-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2021 https://www.debian.org/security/faq -...

CVSS 5.8, AI score 1.2, EPSS 0.01905
Exploits: 0
Debian
added 2021/02/27 8:32 a.m., 117 views

[SECURITY] [DSA 4864-1] python-aiohttp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4864-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 27, 2021 https://www.debian.org/security/faq -...

CVSS 6.1, AI score 5.3, EPSS 0.01905
Exploits: 0
OSV
added 2021/02/27 12:0 a.m., 24 views

DSA-4864-1 python-aiohttp - security update

Bulletin has no description...

CVSS 6.1, AI score 6.7, EPSS 0.01905
Exploits: 0
NVD
added 2021/02/26 3:15 a.m., 17 views

CVE-2021-21330

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the...

CVSS 6.1, EPSS 0.01905
Exploits: 0, References: 8