Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-37276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. aiohttp v3.8.4 and earlier are bundled with llhttp v6.0.6. Vulnerable code is us...

7.5CVSS6.7AI score0.01422EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.27 views

aiohttp < 3.8.5 HTTP Request Smuggling Vulnerability - Linux

aiohttp is prone to a HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.6AI score0.03906EPSS
Exploits2References1
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.130 views

RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

7.5CVSS6.7AI score0.76875EPSS
Exploits22References35
UbuntuCve
UbuntuCve
added 2023/07/19 8:15 p.m.36 views

CVE-2023-37276

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. aiohttp v3.8.4 and earlier are bundled with llhttp v6.0.6. Vulnerable code is used by aiohttp for its HTTP request parser when available which is the default case when installing from a wheel. This vulnerability only...

7.5CVSS6.8AI score0.01422EPSS
Exploits1References5
CVE
CVE
added 2023/07/19 7:39 p.m.164 views

CVE-2023-37276

CVE-2023-37276 affects aiohttp when used as an HTTP server (aiohttp.Application); vulnerable code is in the llhttp-based HTTP request parser bundled with aiohttp v3.8.4 and earlier. Exploitation can lead to HTTP request smuggling. The issue is addressed in aiohttp 3.8.5; upgrading is recommended....

7.5CVSS6.2AI score0.01422EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder