LOW

GHSA-mqqc-3gqh-h2x8

AIOHTTP has unicode match groups in regexes for ASCII protocol elements

상세

### Summary

The parser allows non-ASCII decimals to be present in the Range header.

### Impact

There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability.

----

Patch: https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96

사용 중인 패키지 버전을 입력하면 즉시 평가합니다.

최초 영향 버전: 0 수정 버전: 3.13.3

수정 pip install --upgrade 'aiohttp>=3.13.3'