Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-47641
HistoryNov 14, 2023 - 12:00 a.m.

CVE-2023-47641

2023-11-1400:00:00
ubuntu.com
ubuntu.com
9
aiohttp
security vulnerability
http protocol
async
python
content-length
transfer-encoding
reverse proxy
proof-of-concept
vulnerability impact
proxy rule bypass
open redirect
upgrade
unix

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

aiohttp is an asynchronous HTTP client/server framework for asyncio and
Python. Affected versions of aiohttp have a security vulnerability
regarding the inconsistent interpretation of the http protocol. HTTP/1.1 is
a persistent protocol, if both Content-Length(CL) and Transfer-Encoding(TE)
header values are present it can lead to incorrect interpretation of two
entities that parse the HTTP and we can poison other sockets with this
incorrect interpretation. A possible Proof-of-Concept (POC) would be a
configuration with a reverse proxy(frontend) that accepts both CL and TE
headers and aiohttp as backend. As aiohttp parses anything with chunked, we
can pass a chunked123 as TE, the frontend entity will ignore this header
and will parse Content-Length. The impact of this vulnerability is that it
is possible to bypass any proxy rule, poisoning sockets to other users like
passing Authentication Headers, also if it is present an Open Redirect an
attacker could combine it to redirect random users to another website and
log the request. This vulnerability has been addressed in release 3.8.0 of
aiohttp. Users are advised to upgrade. There are no known workarounds for
this vulnerability.

Related

cvelist 1
cve 1
osv 3
veracode 1
prion 1
openvas 3
redhatcve 1
nessus 2
nvd 1
debiancve 1
github 1
redos 1
cvelist
cvelist
CVE-2023-47641 Inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` in aiohttp
2023-11-14 20:44:08
cve
cve
CVE-2023-47641
2023-11-14 21:15:13
osv
osv
PYSEC-2023-247
2023-11-14 21:15:00
CVE-2023-47641
2023-11-14 21:15:13
Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks
2023-11-14 20:36:25
veracode
veracode
HTTP Request Smuggling
2023-11-16 06:17:44
prion
prion
Open redirect
2023-11-14 21:15:00
openvas
openvas
aiohttp < 3.8.0 Security Vulnerability - Linux
2024-05-07 00:00:00
aiohttp < 3.8.0 Security Vulnerability - Windows
2024-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0577-1)
2024-02-22 00:00:00
redhatcve
redhatcve
CVE-2023-47641
2023-11-16 22:46:23
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2023:4909-1)
2023-12-21 00:00:00
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-aiohttp, python-time-machine (SUSE-SU-2024:0577-1)
2024-02-22 00:00:00
nvd
nvd
CVE-2023-47641
2023-11-14 21:15:13
debiancve
debiancve
CVE-2023-47641
2023-11-14 21:15:13
github
github
Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks
2023-11-14 20:36:25
redos
redos
ROS-20240318-01
2024-03-18 00:00:00

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

6.7 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON
Related for UB:CVE-2023-47641
cvelist1cve1osv3veracode1prion1openvas3redhatcve1nessus2nvd1debiancve1github1redos1