Security
Security
Multiple vulnerabilities have been discovered in aiohttp, the worst of which could lead to service compromise.
| Package | dev-python/aiohttp on all architectures |
|---|---|
| Affected versions | < 3.9.4 |
| Unaffected versions | >= 3.9.4 |
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
Multiple vulnerabilities have been discovered in aiohttp. Please review the CVE identifiers referenced below for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All aiohttp users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-python/aiohttp-3.9.4"