Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 6 days ago6 views

Python Library aiohttp < 3.14.0 Header Injection

The version of the aiohttp Python library installed on the remote host is prior to 3.14.0. It is, therefore, affected by a vulnerability: - Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. I...

7.5CVSS6AI score0.00301EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/29 4:33 p.m.7 views

CVE-2026-50269

A flaw was found in aiohttp, an asynchronous HTTP client/server framework. This vulnerability, known as CRLF Carriage Return Line Feed injection, allows an attacker to modify HTTP requests by injecting malicious input into multipart or payload headers. If an application processes user-controlled...

7.5CVSS5.8AI score0.00301EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:30 p.m.5 views

CVE-2026-50269

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.0, attacker-controlled input included into multipart/payload headers can be used to modify a request to inject additional headers or similar. In the unlikely situation that an application is passing...

6.9CVSS5.8AI score0.00301EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49564

Name of the Vulnerable Software and Affected Versions AIOHTTP versions prior to 3.14.0 Description Attacker-controlled input included in multipart/payload headers can be used to modify a request to inject additional headers or change the request contents. This occurs when an application passes...

6.9CVSS5.8AI score0.00301EPSS
Exploits0References5
Rows per page
Query Builder