aiohttp is an asynchronous HTTP client/server framework
for asyncio and Python.When using aiohttp as a web server
and configuring static routes, it is necessary to specify
the root path for static files. Additionally, the option
'follow_symlinks' can be used to determine whether to
follow symbolic
An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10,
and Django 5.0 before 5.0.2. The intcomma template filter was subject
to a potential denial-of-service attack when used with very long strings.
Since, there is no ptest available for python3-django so have not
tested the
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code
Execution via the environment parameter, a different vulnerability
than CVE-2022-22817 (which was about the expression parameter).
References:
https://security-tracker.debian.org/tracker/CVE-2023-50447