Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-49082

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request...

5.3CVSS7.1AI score0.0094EPSS
Exploits1References2
OSV
OSV
added 2025/07/17 5:56 a.m.11 views

USN-7642-1 python-aiohttp vulnerabilities

Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...

7.5CVSS6.8AI score0.01085EPSS
Exploits4References8
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:22 a.m.46 views

Security Bulletin: IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081

Summary IBM Maximo Application Suite - IoT Component uses aiohttp-3.8.6-cp37-cp37m-manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2024-23829, CVE-2023-49082, CVE-2024-23334 and CVE-2023-49081. This bulletin contains information regarding the vulnerability and its fixture...

7.5CVSS7.1AI score0.76875EPSS
Exploits18Affected Software1
Debian
Debian
added 2024/12/11 7:24 p.m.23 views

[SECURITY] [DSA 5828-1] python-aiohttp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5828-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 11, 2024 https://www.debian.org/security/faq -...

7.5CVSS7.7AI score0.76875EPSS
Exploits18
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.21 views

Fedora: Security Advisory (FEDORA-2023-d5bd6b62e4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.9AI score0.0094EPSS
Exploits2References8
IBM Security Bulletins
IBM Security Bulletins
added 2024/05/11 4:56 p.m.62 views

Security Bulletin: IBM Storage Fusion is vulnerable to HTTP request smuggling, denial of server due to aiohttp, cryptography.

Summary aiohttp, cryptography and Gunicorn are used by IBM Storage Fusion as part of the Backup and Restore service and may be vulnerable to the CVEs listed below. CVE-2024-1135, CVE-2024-26130, CVE-2024-23829, CVE-2024-2334, CVE-2023-49081, CVE-2023-49082. Vulnerability Details CVEID:CVE-2024-11...

7.5CVSS7.6AI score0.76875EPSS
Exploits18Affected Software1
OpenVAS
OpenVAS
added 2024/05/07 12:0 a.m.29 views

aiohttp < 3.9.0 Multiple Vulnerabilities - Windows

aiohttp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...

7.2CVSS5.5AI score0.0094EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.37 views

Fedora 40 : python-aiohttp / python-pysqueezebox / python-wled (2023-d5bd6b62e4)

The remote Fedora 40 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-d5bd6b62e4 advisory. Security fix for CVE-2023-49081, CVE-2023-49082. Update python-aiohttp to 3.9.1. Patch python-pysqeezebox and python-wled so they do not have an...

7.2CVSS6.5AI score0.0094EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/04/18 12:0 a.m.130 views

RHEL 8 : RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements (Moderate) (RHSA-2024:1878)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1878 advisory. Red Hat Update Infrastructure RHUI offers a highly scalable, highly redundant framework that enables you to manage repositories and content...

7.5CVSS6.7AI score0.76875EPSS
Exploits22References35
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.33 views

openSUSE Security Advisory (SUSE-SU-2024:0168-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.0094EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/02/22 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2024:0577-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.2AI score0.76875EPSS
Exploits20References9
OSV
OSV
added 2024/01/19 2:0 p.m.7 views

SUSE-SU-2024:0168-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: Updated to version 3.8.6: - CVE-2023-49082: Fixed an HTTP header injection via a crafted method bsc1217682...

5.3CVSS6.3AI score0.0094EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/01/19 12:0 a.m.42 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2024:0168-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0168-1 advisory. Updated to version 3.8.6: - CVE-2023-49082: Fixed an HTTP header injection via a crafted method bsc121768...

5.3CVSS6.5AI score0.0094EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/01/18 12:0 a.m.22 views

Fedora: Security Advisory for python-aiohttp (FEDORA-2023-1f06098c71)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.8AI score0.0094EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2024/01/18 12:0 a.m.29 views

Fedora: Security Advisory for python-wled (FEDORA-2023-1f06098c71)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.2CVSS5.8AI score0.0094EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2024/01/07 12:0 a.m.31 views

Fedora 38 : python-aiohttp / python-pysqueezebox / python-wled (2023-1f06098c71)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-1f06098c71 advisory. Security fix for CVE-2023-49081, CVE-2023-49082. Update python-aiohttp to 3.9.1. Patch python-pysqeezebox and python-wled so they do not have an...

7.2CVSS6.5AI score0.0094EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/01/07 12:0 a.m.37 views

Fedora 39 : python-aiohttp / python-pysqueezebox / python-wled (2023-a04cc349e1)

The remote Fedora 39 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a04cc349e1 advisory. Security fix for CVE-2023-49081, CVE-2023-49082. Update python-aiohttp to 3.9.1. Patch python-pysqeezebox and python-wled so they do not have an...

7.2CVSS6.5AI score0.0094EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/12/01 2:18 a.m.2 views

SUSE CVE-2023-49082

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request e.g. insert a new header or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if th...

5.9CVSS7.9AI score0.0094EPSS
Exploits1References4
Wolfi
Wolfi
added 2023/11/29 8:15 p.m.40 views

CVE-2023-49082 vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa...

5.3CVSS7.1AI score0.0094EPSS
Exploits1
Chainguard
Chainguard
added 2023/11/29 8:15 p.m.47 views

CVE-2023-49082 vulnerabilities

Vulnerabilities for packages: py3-cassandra-medusa...

5.3CVSS6.8AI score0.0094EPSS
Exploits1
Rows per page
Query Builder