CVE-2026-54279

Sažetak

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, host-only cookies that are saved with CookieJar.save() and then restored later with CookieJar.load() lose their host-only status. This vulnerability is fixed in 3.14.1.

Reference

https://github.com/aio-libs/aiohttp/commit/a329a7aacad5284f087af36103aff778746da0f2
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2fqr-mr3j-6wp8

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

22-06-2026 - 19:17

Objavljeno

22-06-2026 - 18:16