Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AIOHTTP: CRLF injection in multipart part content type header construction
Vulnerability Description
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an attacker who controls the content_type parameter in aiohttp could use this to inject extra headers or similar exploits. This issue has been patched in version 3.13.4.
CVSS Information
N/A
Vulnerability Type
HTTP头部中CRLF序列转义处理不恰当(HTTP响应分割)
Vulnerability Title
aiohttp 注入漏洞
Vulnerability Description
aiohttp是aio-libs开源的一个开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。 AIOHTTP 3.13.4之前版本存在注入漏洞,该漏洞源于攻击者可能通过控制content_type参数来注入额外标头或进行类似利用。
CVSS Information
N/A
Vulnerability Type
N/A