CVE-2021-21330 log

Severity Low
Remote Yes
Type Open redirect
In python-aiohttp before version 3.7.4 there is an open redirect vulnerability. A maliciously crafted link to an aiohttp-based web-server could redirect the browser to a different website. It is caused by a bug in the `aiohttp.web_middlewares.normalize_path_middleware` middleware. This security problem has been fixed in 3.7.4.
Group Package Affected Fixed Severity Status Ticket
AVG-1623 python-aiohttp 3.7.3-1 3.7.4-1 Low Fixed