214 matches found
EUVD-2023-0003
Malicious code in bioql PyPI...
EUVD-2023-0005
Malicious code in bioql PyPI...
EUVD-2023-0006
Malicious code in bioql PyPI...
EUVD-2024-0002
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-49081
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation made it possible for an attacker to modify the HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2024-23334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessar...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Linux
aiohttp is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
aioHTTP < 3.12.14 Request Smuggling (CVE-2025-53643)
The version of aioHTTP installed on the remote host is prior to 3.12.14. It is, therefore, affected by a request smuggling vulnerability: - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Windows
aiohttp is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
DEBIAN-CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
AZL-65256 CVE-2025-53643 affecting package python-aiohttp 3.6.2-3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
UBUNTU-CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
CVE-2025-53643 AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
CVE-2025-53643 AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
CVE-2025-53643 AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
CVE-2025-53643
CVE-2025-53643 (aiohttp) : Prior to 3.12.14, the Python parser is vulnerable to HTTP request smuggling due to not parsing trailer sections. If a pure-Python build (no C extensions) or AIOHTTP_NO_EXTENSIONS is used, an attacker may smuggle requests to bypass certain firewalls/proxy protections. Th...
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
aba-cli-scrapper (>=0.1.1 <=0.1.6), academic-metrics (>=0.1.0b0 <=1.0.99) +1034 more potentially affected by CVE-2025-53643 via aiohttp (>=0.13.1 <=3.12.13)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =56.0.0, =0.1.0, =0.1.31, =1.0.1, =1.2.0 - ahttp-client =1.0.3 and more Source cves: CVE-2025-53643 Source advisory: OSV:GHSA-9548-QRRJ-X5PJ...
aba-cli-scrapper (>=0.1.1 <=0.1.6), academic-metrics (>=0.1.0b0 <=1.0.99) +905 more potentially affected by CVE-2025-53643 via aiohttp (>=3.0.0b0 <=3.12.13)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =56.0.0, =0.1.0, =0.1.31, =1.0.1, =1.2.0 - ahttp-client =1.0.3 and more Source cves: CVE-2025-53643 Source advisory: SNYK:PYTHON-AIOHTTP-10742466...