VDB

PYSEC-2023-120

PYSEC-2023-120 PUBLISHED

aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser

Affected Products

VendorProductVersions
PyPIaiohttp0, 0.1, 0.10.0

Timeline

  • Jul 20, 2023 CVE Published
  • Nov 8, 2023 CVE Updated
  • May 1, 2026 Security Advisory

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›