MGASA-2021-0161

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2021-0161.html

Import Source

https://advisories.mageia.org/MGASA-2021-0161.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2021-0161

Related

CVE-2021-21330

Published

2021-03-30T20:08:49Z

Modified

2021-03-30T19:04:09Z

Summary

Updated python-aiohttp package fixes security vulnerability

Details

Beast Glatisant and Jelmer Vernooij reported that python-aiohttp is prone to an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website (CVE-2021-21330).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / python-aiohttp

Package

Name: python-aiohttp
Purl: pkg:rpm/mageia/python-aiohttp?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.7.4-1.mga8

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2021-0161.json"