CVE-2026-34525 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This iss…
Medium CVSS: 6.3

CVE-2026-34525

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, multiple Host headers were allowed in aiohttp. This issue has been patched in version 3.13.4.
Vendor
-
Product
-
CWE
CWE-20
Yayın Tarihi
2026-04-01 21:17:00
Güncelleme
2026-04-03 16:10:52
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-20 MEDIUM 2026

Referanslar

https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000 https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349 https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4 https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67