CVE-2024-23334
Summary
| CVE | CVE-2024-23334 |
|---|
| State | PUBLISHED |
|---|
| Assigner | Unknown |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2024-01-29 23:15:00 UTC |
|---|
| Updated | 2024-02-05 18:44:00 UTC |
|---|
| Description | Description unavailable. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [SECURITY] Fedora 39 Update: python-aiohttp-3.9.3-1.fc39 - package-announce - Fedora Mailing-Lists |
|
lists.fedoraproject.org |
Mailing List |
| Validate static paths (#8079) · aio-libs/aiohttp@1c33594 · GitHub |
|
github.com |
|
| Validate static paths by Dreamsorcerer · Pull Request #8079 · aio-libs/aiohttp · GitHub |
|
github.com |
|
| aiohttp.web.static(follow_symlinks=True) is vulnerable to directory traversal · Advisory · aio-libs/aiohttp · GitHub |
|
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 150817 aiohttp Directory Traversal Vulnerability (CVE-2024-23334)
- 243144 Red Hat Update for Satellite 6.14.3 (RHSA-2024:1536)
- 284904 Fedora Security Update for python (FEDORA-2024-0ddda4c691)
- 285010 Fedora Security Update for python (FEDORA-2024-f249b74f03)
- 997011 Python (Pip) Security Update for aiohttp (GHSA-5h86-8mv2-jq9f)
