Aio-libs Aiohttp Session — known CVE vulnerabilities
Every CVE whose affected-product data names Aio-libs Aiohttp Session, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-1000519 — CVSS 6.5 (medium): aio-libs aiohttp-session contains a Session Fixation vulnerability in load_session function for RedisStorage (see: https://github.com/aio-li…
CVE-2018-1000814 — CVSS 6.5 (medium): aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage…