aiohttp version has multiple CVE's

Question

AlaricWhitney opened this issue 4 months ago · comments

the aiohttp version currently used (3.8.4) has multiple security vulnerabilities with open CVE's:

aiohttp needs to be upgraded to at least 3.9.2 to resolve the issue.

Shubham · Answer 1 · Fri Apr 05 2024 01:10:38 GMT+0800 (China Standard Time)

Is aiohttp==3.9.2 available in python 3.7? I see the error that it is not able to find the dependency.