213 matches found
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69226 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69226 Source advisory: SNYK:PYTHON-AIOHTTP-14871888...
EUVD-2026-1046
AIOHTTP vulnerable to brute-force leak of internal static file path components...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69225 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69225 Source advisory: SNYK:PYTHON-AIOHTTP-14871929...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69225 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69225 Source advisory: OSV:GHSA-MQQC-3GQH-H2X8...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69224 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: OSV:GHSA-69F9-5GXW-WVC2...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69224 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: SNYK:PYTHON-AIOHTTP-14871873...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69223 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69223 Source advisory: OSV:GHSA-6MQ8-RVHQ-8WGG...
CVE-2025-69226
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...
DEBIAN-CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...
AZL-73517 CVE-2025-69223 affecting package python-aiohttp 3.6.2-3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...
AZL-73494 CVE-2025-69223 affecting package python-aiohttp 3.6.2-3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...
PT-2026-1348
Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python, is susceptible to a denial-of-service DoS attack. An attacker can send a compressed request, specifically a zip bomb,...
PT-2026-1357
Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Accessing the cookies attribute in an application with versions 3.13.2 and below can lead to a logging storm when...
PT-2026-1349
Name of the Vulnerable Software and Affected Versions AIOHTTP versions 3.13.2 and below Description AIOHTTP, an asynchronous HTTP client/server framework for asyncio and Python, may be susceptible to a request smuggling attack when using versions 3.13.2 and below. This issue arises from the...
aiohttp 信息泄露漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs. An information disclosure vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from path normalization logic that may disclose absolute path component information,...
Security Bulletin: Vulnerability in AIOHTTP affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in AIOHTTP has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerabili...
Low: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.7
Red Hat OpenShift Service Mesh 3.0.7 Red Hat OpenShift Service Mesh 3.0.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application. Security Fixes: istio-proxyv2-rhel9: AIOHTTP is...
EUVD-2021-0003
Malware in sbrugna...
EUVD-2025-21384
Malicious code in bioql PyPI...
EUVD-2023-0005
Malicious code in bioql PyPI...