213 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-69225
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals t...
aiohttp 安全漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. A security vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from a specially crafted request that can cause the server to run out of memory, potentially...
CVE-2025-69228
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...
aiohttp 安全漏洞
aiohttp is an open source aio-libs open source asynchronous HTTP client/server framework for asyncio and Python. A security vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from an infinite loop that may result from bypassing an assertion statement, possibly leading to a...
aiohttp 环境问题漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs. An environment issue vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from the presence of non-ASCII decimal numbers allowed in the Range header, which could lead to a...
aiohttp 安全漏洞
aiohttp is an open source asynchronous HTTP client/server framework for asyncio and Python from aio-libs open source. A security vulnerability exists in aiohttp 3.13.2 and earlier versions, which stems from a potential excessive CPU blocking when processing a large number of chunked messages, whi...
CVE-2025-69228 AIOHTTP vulnerable to denial of service through large payloads
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...
CVE-2025-69224
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
UBUNTU-CVE-2025-69226
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...
Logging of Excessive Data
Overview Affected versions of this package are vulnerable to Logging of Excessive Data via the cookies attribute. An attacker can generate excessive warning-level log entries by sending specially crafted Cookie headers. Remediation Upgrade aiohttp to version 3.13.3 or higher. References - GitHub...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69230 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69230 Source advisory: SNYK:PYTHON-AIOHTTP-14872000...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69230 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69230 Source advisory: OSV:GHSA-FH55-R93G-J68G...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69229 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69229 Source advisory: SNYK:PYTHON-AIOHTTP-14871954...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69229 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69229 Source advisory: OSV:GHSA-G84X-MCQJ-X9QQ...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the request.read method. An attacker can cause the server to consume excessive CPU resources by sending a large number of chunked messages. Details Denial of Service DoS describes ...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69228 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69228 Source advisory: SNYK:PYTHON-AIOHTTP-14871877...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69228 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69228 Source advisory: OSV:GHSA-6JHG-HG63-JVVF...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69227 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69227 Source advisory: SNYK:PYTHON-AIOHTTP-14871979...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69227 via aiohttp (>=0.13.1 <=3.13.2)
aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69227 Source advisory: OSV:GHSA-JJ3X-WXRX-4X23...
a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69226 via aiohttp (>=3.0.0b0 <=3.13.2)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69226 Source advisory: SNYK:PYTHON-AIOHTTP-14871888...