Jelmer Vernooij and Beast Glatisant discovered that AIOHTTP incorrectly handled certain URLs, leading to an open redirect attack. A remote attacker could possibly use this issue to perform phishing attacks.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "3.0.1-1ubuntu0.1~esm1", "binary_name": "python3-aiohttp" }, { "binary_version": "3.0.1-1ubuntu0.1~esm1", "binary_name": "python3-aiohttp-dbg" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_version": "3.6.2-1ubuntu0.1~esm1", "binary_name": "python3-aiohttp" }, { "binary_version": "3.6.2-1ubuntu0.1~esm1", "binary_name": "python3-aiohttp-dbg" } ] }