Overview
About vulnerability
Summary
The server_hostname TLS SNI check can be bypassed when an existing connection is reused.
Impact
If an application makes multiple requests to the same domain, but with different per-request server_hostname parameters, then the later calls may succeed by reusing the existing connection when they should have been rejected due to the TLS SNI check.
Workaround
Disable keep_alive if you need to change the server_hostname check between requests.
Patch: https://github.com/aio-libs/aiohttp/commit/0ca2b6c28a25726527a8b60f25960262a91ed0e0
Details
- Affected product:
- aiohttp , apache-airflow-providers-http
- Affected packages:
- aiohttp @ 3.10.11 (+5 more)
Summary
The server_hostname TLS SNI check can be bypassed when an existing connection is reused.
Impact
If an application makes multiple requests to the same domain, but with different per-request server_hostname parameters, then the later calls may succeed by reusing the existing connection when they should have been rejected due to the TLS SNI check.
Workaround
Disable keep_alive if you need to change the server_hostname check between requests.
Patch: https://github.com/aio-libs/aiohttp/commit/0ca2b6c28a25726527a8b60f25960262a91ed0e0