1233 matches found
USN-5386-1 python-aiohttp vulnerability
Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks...
AIOHTTP < 3.7.4 Open Redirect Vulnerability
According to its self-reported version, the AIOHTTP server hosted on the remote host is prior to version 3.7.4. It is, therefore, affected by an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the client's browser to a different website. Note th...
NTLMRecon - Enumerate Information From NTLM Authentication Enabled Web Endpoints
A fast and flexible NTLM reconnaissance tool without external dependencies. Useful to find out information about NTLM endpoints when working with a large set of potential IP addresses and domains. NTLMRecon is built with flexibility in mind. Need to run recon on a single URL, an IP address, an...
Mageia: Security Advisory (MGASA-2021-0161)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
aiohttp-init (=0.0.1), airhttprunner (>=3.1.4 <=3.1.6) +152 more potentially affected by CVE-2022-0338 via loguru (>=0.2.4 <=0.5.2)
loguru PYPI version =0.2.4, =3.1.4, =0.1.5, =0.1.1, =2.0.0, =0.2.3, =4.6.4, =2.3.2, =0.39.0, =0.52.0 and more Source cves: CVE-2022-0338 Source advisory: OSV:PYSEC-2022-14...
ROS-2-435
2.435 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python aiohttp
Summary: IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Python aiohttp. Vulnerability Details: CVEID: CVE-2021-21330 DESCRIPTION: AIOHTTP could allow a remote attacker to conduct phishing attacks, caused by a bug in the aiohttp.web_middlewares.normalize_path_middlewar...
ROS-2-792
2.792 Open redirect in aiohttp CVE-2021-21330 1. Vulnerability Description: Vulnerability allows cross-site scripting and bypass of security restrictions. Identifier of the Information Security Threats Data Bank of the FSTEC of Russia: BDU:2021-01528 2. Possible measures to eliminate the...
SUSE: Security Advisory (SUSE-SU-2021:1313-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
FreeBSD : aiohttp -- open redirect vulnerability (3000acee-c45d-11eb-904f-14dae9d5a9d2)
Sviatoslav Sydorenko reports: Open redirect vulnerability -- a maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the aiohttp.web_middlewares.normalize_path_middleware middleware.
Fedora: Security Advisory for python-databases (FEDORA-2021-e7fabd81fb)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2021:1313-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: - CVE-2021-21330: Fixed the way pure-Python HTTP parser interprets // (bsc#1184745)...
Updated python-aiohttp package fixes security vulnerability
Beast Glatisant and Jelmer Vernooij reported that python-aiohttp is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website (CVE-2021-21330)...
MGASA-2021-0161 Updated python-aiohttp package fixes security vulnerability
Beast Glatisant and Jelmer Vernooij reported that python-aiohttp is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website (CVE-2021-21330)...
The vulnerability of the aiohttp HTTP client, related to the redirection of URLs to unreliable websites, allows attackers to carry out phishing attacks.
The vulnerability of the aiohttp HTTP client is related to the redirection of URLs to an unreliable website. Exploiting this vulnerability allows a remote attacker to carry out phishing attacks using a specially created link...
Sub404 - A Python Tool To Check Subdomain Takeover Vulnerability
Sub 404 is a tool written in Python which is used to check the possibility of subdomain takeover vulnerability, and it is fast as it is asynchronous. Why? During the recon process you might get a lot of subdomains, e.g. more than 10k. It is not possible to test each manually or with traditional requests or...
Fedora 33 : python-aiohttp (2021-673b10ed77)
The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-673b10ed77 advisory. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In aiohttp before version 3.7.4 there is an open redirect...
Fedora: Security Advisory for python-aiohttp (FEDORA-2021-673b10ed77)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: python-aiohttp-3.7.4-1.fc33
Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...
CVE-2021-21330
An open redirect flaw was found in python-aiohttp. This flaw allows a remote, unauthenticated attacker to trick users into visiting a malicious webpage, disguised as a legitimate webpage and affects applications using the normalize_path_middleware functionality. The highest threat from this...