diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-02 16:59:29 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2024-05-02 16:59:29 +0200 |
commit | 27b45d6d850e864905780db081475325edacce04 (patch) | |
tree | 6cd04ea2a7588059d09771fce10599cb522e054f /data/CVE | |
parent | 9a9b4c8c78ac14dcfd5ae006d9dc0f4cd1fca0d8 (diff) |
Add CVE-2024-30251/python-aiohttp
Diffstat (limited to 'data/CVE')
-rw-r--r-- | data/CVE/list | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/data/CVE/list b/data/CVE/list index 8f40bab878..6945f2b00e 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,10 @@ +CVE-2024-30251 [DoS when trying to parse malformed POST requests] + - python-aiohttp <unfixed> + NOTE: https://www.openwall.com/lists/oss-security/2024/05/02/4 + NOTE: https://github.com/aio-libs/aiohttp/security/advisories/GHSA-5m98-qgg9-wh84 + NOTE: Fixed by: https://github.com/aio-libs/aiohttp/commit/cebe526b9c34dc3a3da9140409db63014bc4cf19 (v3.9.4) + NOTE: Followup: https://github.com/aio-libs/aiohttp/commit/7eecdff163ccf029fbb1ddc9de4169d4aaeb6597 (v3.9.5) + NOTE: Followup: https://github.com/aio-libs/aiohttp/commit/f21c6f2ca512a026ce7f0f6c6311f62d6a638866 (v3.9.5) CVE-2024-34148 NOT-FOR-US: Jenkins plugin CVE-2024-34147 |