VUL-0: CVE-2024-27306: python-aiohttp: XSS on index pages for static file handling VUL-0: CVE-2024-30251: python-aiohttp: infinite loop on specially crafted POST request VUL-0: CVE-2024-52304: python-aiohttp: vulnerable to request smuggling due to incorrect parsing of chunk extensions dgarcia moderate security

Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2024-27306: Fixed XSS on index pages for static file handling (bsc#1223098) - CVE-2024-30251: Fixed infinite loop on specially crafted POST request (bsc#1223726) - CVE-2024-52304: Fixed vulnerable to request smuggling due to incorrect parsing of chunk extensions (bsc#1233447) python-aiohttp