Aiohttp · Aiohttp · CVE-2026-34525
Name of the Vulnerable Software and Affected Versions
AIOHTTP versions prior to 3.13.4
Description
Multiple Host headers were permitted in AIOHTTP, potentially allowing a reverse proxy's security rules to be bypassed. This could lead to a request being processed by AIOHTTP in a privileged sub application when using `Application.add_domain()` if the proxy and AIOHTTP process different host names.
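The mismatch described above, as an added example that is not part of the advisory or of AIOHTTP's code: a header audit that lists every Host value on the wire and rejects requests carrying more than one, as RFC 9112 requires of servers. The request bytes are constructed, the function names are hypothetical, and the first-wins/last-wins readings are illustrative assumptions, not statements about how any particular proxy or AIOHTTP version selects the header.

```python
# Added example: constructed inputs, hypothetical helper names.
CRLF = b"\r\n"


def host_headers(raw_request: bytes) -> list:
    """Return every Host field value in the header block, in wire order."""
    head = raw_request.split(CRLF + CRLF, 1)[0]  # ignore the message body
    values = []
    for line in head.split(CRLF)[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        # Field names are case-insensitive, so compare in lower case.
        if sep and name.strip().lower() == b"host":
            values.append(value.strip().decode("latin-1").lower())
    return values


def audit(raw_request: bytes) -> dict:
    """Show how two parsers could disagree and what a strict check decides."""
    hosts = host_headers(raw_request)
    return {
        "hosts": hosts,
        # Assumption for illustration: one component reads the first value,
        # the other reads the last.
        "first_wins": hosts[0] if hosts else None,
        "last_wins": hosts[-1] if hosts else None,
        # RFC 9112: zero or multiple Host header lines -> 400 Bad Request.
        "status": 200 if len(hosts) == 1 else 400,
    }


# Constructed sample requests (example.test names are placeholders).
SINGLE = b"GET / HTTP/1.1\r\nHost: public.example.test\r\n\r\n"
DUPLICATE = (b"GET / HTTP/1.1\r\n"
             b"Host: public.example.test\r\n"
             b"Host: internal.example.test\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("single", SINGLE), ("duplicate", DUPLICATE)):
        print(label, audit(raw))
```

The same rule belongs at the reverse proxy: when the edge rejects a duplicated Host header outright, the backend never has to choose between values.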
Recommendations
Update to AIOHTTP version 3.13.4 or later.