1128 matches found
GLSA-202408-11 : aiohttp: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202408-11 aiohttp: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in aiohttp. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
Mageia: Security Advisory (MGASA-2024-0235)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2024-0235 Updated python-aiohttp packages fix security vulnerability
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server e.g. nginx for serving static files. Users following th...
Updated python-aiohttp packages fix security vulnerability
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server e.g. nginx for serving static files. Users following th...
Exploit for Path Traversal in Aiohttp
CVE-2024-23334 Exploit and PoC This repository contains a Pro...
OPENSUSE-SU-2024:13642-1 python310-aiohttp-3.9.3-1.1 on GA media
These are all security issues fixed in the python310-aiohttp-3.9.3-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13691-1 python310-aiohttp-3.9.3-2.1 on GA media
These are all security issues fixed in the python310-aiohttp-3.9.3-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13965-1 python310-aiohttp-3.9.5-2.1 on GA media
These are all security issues fixed in the python310-aiohttp-3.9.5-2.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13465-1 python310-aiohttp-3.9.0-1.1 on GA media
These are all security issues fixed in the python310-aiohttp-3.9.0-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2024:13209-1 python310-aiohttp-3.8.5-2.1 on GA media
These are all security issues fixed in the python310-aiohttp-3.8.5-2.1 package on the GA media of openSUSE Tumbleweed...
aiohttp: XSS on index pages for static file handling
A flaw was found in aiohttp, an asynchronous HTTP client/server framework for asyncio and Python. When using "web.static..., showindex=True", the resulting index pages do not escape file names. If users can upload files with arbitrary filenames to the static directory, the server is vulnerable to...
aiohttp: DoS when trying to parse malformed POST requests
An infinite loop flaw was found in aiohttp when handling POST multipart/form-data requests. This flaw allows an attacker to send a specially crafted request, leading the server to enter an infinite loop and render it unable to process any further requests. This denial of service can be triggered ...
SUSE-SU-2024:1866-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: - CVE-2024-27306: Fixed XSS on index pages for static file handling bsc1223098...
The vulnerability of the aiohttp HTTP client, related to the execution of a loop with an unreachable exit condition, allows a hacker to cause a service failure.
The vulnerability of the aiohttp HTTP client is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
Fedora: Security Advisory for python-aiohttp (FEDORA-2024-f83b123d63)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-aiohttp (FEDORA-2024-5dc487ee89)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-aiohttp (FEDORA-2024-000a25f3fc)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-aiohttp (FEDORA-2024-f34786d26f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2024-e0057e6044)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-aiohttp (FEDORA-2024-2f15e6e876)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...