CVE-2024-23829
Summary
| CVE | CVE-2024-23829 |
|---|---|
| State | PUBLISHED |
| Assigner | Unknown |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-01-29 23:15:00 UTC |
| Updated | 2024-02-05 02:15:00 UTC |
| Description | Description unavailable. |
Risk And Classification
Problem Types: CWE-444
There are no known software configurations currently associated with this CVE in NVD or the CVE Program record.
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| HTTP parser (the python one, not llhttp) still overly lenient about separators · Advisory · aio-libs/aiohttp · GitHub | github.com | ||
| Improve validation in HTTP parser (#8074) · aio-libs/aiohttp@33ccdfb · GitHub | github.com | ||
| [SECURITY] Fedora 39 Update: python-aiohttp-3.9.3-1.fc39 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Improve validation in HTTP parser by Dreamsorcerer · Pull Request #8074 · aio-libs/aiohttp · GitHub | github.com | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 243144 Red Hat Update for Satellite 6.14.3 (RHSA-2024:1536)
- 284904 Fedora Security Update for python (FEDORA-2024-0ddda4c691)
- 285010 Fedora Security Update for python (FEDORA-2024-f249b74f03)
- 755812 SUSE Enterprise Linux Security Update for python-aiohttp, python-time-machine (SUSE-SU-2024:0577-1)
- 997007 Python (Pip) Security Update for aiohttp (GHSA-8qpw-xqxj-h4r2)