Lucene search
K

213 matches found

vulnersOsv
vulnersOsv
added 2026/01/05 11:9 p.m.5 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69226 via aiohttp (>=3.0.0b0 <=3.13.2)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69226 Source advisory: SNYK:PYTHON-AIOHTTP-14871888...

6.3CVSS6.7AI score0.00313EPSS
Exploits0
EUVD
EUVD
added 2026/01/05 11:9 p.m.3 views

EUVD-2026-1046

AIOHTTP vulnerable to brute-force leak of internal static file path components...

6.3CVSS6AI score0.00313EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/01/05 11:9 p.m.10 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69225 via aiohttp (>=3.0.0b0 <=3.13.2)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69225 Source advisory: SNYK:PYTHON-AIOHTTP-14871929...

6.9CVSS6.7AI score0.00236EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/05 11:9 p.m.4 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69225 via aiohttp (>=0.13.1 <=3.13.2)

aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69225 Source advisory: OSV:GHSA-MQQC-3GQH-H2X8...

6.9CVSS6.7AI score0.00236EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/05 10:58 p.m.5 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69224 via aiohttp (>=0.13.1 <=3.13.2)

aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: OSV:GHSA-69F9-5GXW-WVC2...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/05 10:58 p.m.4 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69224 via aiohttp (>=3.0.0b0 <=3.13.2)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: SNYK:PYTHON-AIOHTTP-14871873...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/05 10:58 p.m.3 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69223 via aiohttp (>=0.13.1 <=3.13.2)

aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69223 Source advisory: OSV:GHSA-6MQ8-RVHQ-8WGG...

7.5CVSS6.7AI score0.00487EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/01/05 10:52 p.m.3 views

CVE-2025-69226

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...

6.3CVSS6.7AI score0.00313EPSS
Exploits0
OSV
OSV
added 2026/01/05 10:15 p.m.2 views

DEBIAN-CVE-2025-69223

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...

7.5CVSS6.7AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2026/01/05 10:15 p.m.12 views

AZL-73517 CVE-2025-69223 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...

7.5CVSS6.4AI score0.00487EPSS
Exploits0References1
OSV
OSV
added 2026/01/05 10:15 p.m.6 views

AZL-73494 CVE-2025-69223 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...

7.5CVSS7.2AI score0.00487EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.2 views

PT-2026-1348

Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python, is susceptible to a denial-of-service DoS attack. An attacker can send a compressed request, specifically a zip bomb,...

8.7CVSS6.6AI score0.00487EPSS
Exploits0References239
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.8 views

PT-2026-1357

Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Accessing the cookies attribute in an application with versions 3.13.2 and below can lead to a logging storm when...

6.9CVSS6.6AI score0.00332EPSS
Exploits0References188
Positive Technologies
Positive Technologies
added 2026/01/05 12:0 a.m.4 views

PT-2026-1349

Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python, may be susceptible to a request smuggling attack when using versions 3.13.2 and below. This issue arises from the...

6.5CVSS6.6AI score0.00213EPSS
Exploits0References213
CNNVD
CNNVD
added 2026/01/05 12:0 a.m.4 views

aiohttp 信息泄露漏洞

aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs. An information disclosure vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from path normalization logic that may disclose absolute path component information,...

6.3CVSS5.9AI score0.00313EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/12/29 7:26 a.m.6 views

Security Bulletin: Vulnerability in AIOHTTP affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in AIOHTTP has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...

7.5CVSS7.7AI score0.00297EPSS
Exploits0Affected Software2
RedHat Linux
RedHat Linux
added 2025/12/09 3:8 p.m.3 views

Low: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.7

Red Hat OpenShift Service Mesh 3.0.7 Red Hat OpenShift Service Mesh 3.0.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application. Security Fixes: istio-proxyv2-rhel9: AIOHTTP is...

7.5CVSS6.7AI score0.00297EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-0003

Malware in sbrugna...

6.1CVSS7.2AI score0.01905EPSS
Exploits0References20
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-21384

Malicious code in bioql PyPI...

7.5CVSS7.2AI score0.00297EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-0005

Malicious code in bioql PyPI...

6.5CVSS5.5AI score0.00827EPSS
Exploits1References7
Rows per page
Query Builder