Lucene search
K

5 matches found

RedHat Linux
RedHat Linux
โ€ขadded 2024/03/27 1:22 p.m.โ€ข9 views

python-aiohttp: http request smuggling

An HTTP request smuggling vulnerability was found in aiohttp. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets that must trigger error handling to robustly match frame boundaries of proxies in order to protect against the injection of...

6.5CVSS7.1AI score0.0102EPSS
Exploits1References5
RedhatCVE
RedhatCVE
โ€ขadded 2024/01/30 11:2 a.m.โ€ข41 views

CVE-2024-23829

An HTTP request smuggling vulnerability was found in aiohttp. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets that must trigger error handling to robustly match frame boundaries of proxies in order to protect against the injection of...

6.5CVSS7.1AI score0.0102EPSS
Exploits1References4
OSV
OSV
โ€ขadded 2024/01/29 10:41 p.m.โ€ข63 views

CVE-2024-23829 aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to protect against...

6.5CVSS6.6AI score0.0102EPSS
Exploits1References8
Github Security Blog
Github Security Blog
โ€ขadded 2024/01/29 10:30 p.m.โ€ข64 views

aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators

Summary Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to protect against injection of additional requests. Additionally, validation could trigger...

6.5CVSS7.2AI score0.0102EPSS
Exploits1References12Affected Software1
RedHat Linux
RedHat Linux
โ€ขadded 2022/11/21 11:33 a.m.โ€ข5 views

Mozilla: Iframe contents could be rendered outside the iframe

The Mozilla Foundation Security Advisory describes this flaw as: Use tables inside of an iframe, an attacker could have caused iframe contents to be rendered outside the boundaries of the iframe, resulting in potential user confusion or spoofing attacks...

6.5CVSS7.3AI score0.0057EPSS
Exploits0References6
Rows per page
Query Builder