3 matches found
ROOT-APP-PYPI-CVE-2024-27306 CVE-2024-27306 in rootio-aiohttp - Patched by Root
Root has patched CVE-2024-27306 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
UBUNTU-CVE-2024-27306
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server e.g. nginx for serving static files. Users following th...
01os (>=0.0.1 <=0.0.14), 0b1-protocol (>=0.1.0 <=0.1.3) +43116 more potentially affected by CVE-2024-27306 via aiohttp (>=0.13.1 <=3.9.3)
aiohttp PYPI version =0.13.1, =0.0.1, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =1.0.0, =0.1.0, =0.1.1, =0.1.2, =0.1.3 - 1942pyc =7.0.1 and more Source cves: CVE-2024-27306 Source advisory: OSV:GHSA-7GPW-8WMC-PM8G...