Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly
handled certain URLs, leading to an open redirect attack. A remote
attacker could possibly use this issue to perform phishing attacks.

References

ubuntu.com/security/CVE-2021-21330

ubuntu.com/security/notices/USN-5386-1

openvas 8

ibm 1

redhatcve 1

cvelist 1

debian 2

debiancve 1

ubuntucve 1

nessus 6

osv 5

fedora 2

veracode 1

freebsd 1

cve 1

ubuntu 1

nvd 1

gentoo 1

prion 1

redos 26

mageia 1

github 2

redhat 1

openvas

Debian: Security Advisory (DSA-4864-1)

2021-02-28 00:00:00

Fedora: Security Advisory for python-aiohttp (FEDORA-2021-673b10ed77)

2021-03-08 00:00:00

Ubuntu: Security Advisory (USN-5386-1)

2023-01-27 00:00:00

ibm

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Python aiohttp

2021-10-01 06:21:07

redhatcve

CVE-2021-21330

2021-03-02 17:03:04

cvelist

CVE-2021-21330 Open redirect vulnerability in aiohttp

2021-02-26 02:15:15

debian

[SECURITY] [DSA 4864-1] python-aiohttp security update

2021-02-27 08:32:19

[SECURITY] [DSA 4864-1] python-aiohttp security update

2021-02-27 08:32:19

debiancve

CVE-2021-21330

2021-02-26 03:15:12

ubuntucve

CVE-2021-21330

2021-02-26 00:00:00

nessus

Fedora 33 : python-aiohttp (2021-673b10ed77)

2021-03-08 00:00:00

GLSA-202208-19 : aiohttp: Open redirect vulnerability

2022-08-11 00:00:00

FreeBSD : aiohttp -- open redirect vulnerability (3000acee-c45d-11eb-904f-14dae9d5a9d2)

2021-06-04 00:00:00

osv

CVE-2021-21330

2021-02-26 03:15:12

`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)

2021-02-26 02:11:57

PYSEC-2021-76

2021-02-26 03:15:00

fedora

[SECURITY] Fedora 34 Update: python-aiohttp-3.7.4-1.fc34

2021-03-19 20:22:48

[SECURITY] Fedora 33 Update: python-aiohttp-3.7.4-1.fc33

2021-03-07 13:53:21

veracode

Open Redirection

2021-03-01 07:45:54

freebsd

aiohttp -- open redirect vulnerability

2021-02-25 00:00:00

cve

CVE-2021-21330

2021-02-26 03:15:12

ubuntu

AIOHTTP vulnerability

2022-04-21 00:00:00

nvd

CVE-2021-21330

2021-02-26 03:15:12

gentoo

aiohttp: Open redirect vulnerability

2022-08-10 00:00:00

prion

Open redirect

2021-02-26 03:15:00

redos

ROS-2-792

2021-09-08 00:00:00

ROS-2-435

2021-12-24 00:00:00

ROS-2-815

2021-09-08 00:00:00

mageia

Updated python-aiohttp package fixes security vulnerability

2021-03-30 23:08:49

github

`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)

2021-02-26 02:11:57

Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks

2023-11-14 20:36:25

redhat

(RHSA-2021:4702) Moderate: Satellite 6.10 Release

2021-11-16 13:58:57

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

6.7 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

83.9%

JSON

Related for OSV:USN-5386-1