Vulnerabilities > Aiohttp Session Project > Aiohttp Session > 0.5.0

DATE CVE VULNERABILITY TITLE RISK
2018-12-20 CVE-2018-1000814 Insufficient Session Expiration vulnerability in Aiohttp-Session Project Aiohttp-Session
aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan.
network
low complexity
aiohttp-session-project CWE-613
4.0
4.0