Lucene search
K

4 matches found

OSV
OSV
added 2026/06/22 6:16 p.m.2 views

UBUNTU-CVE-2026-54273

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, no limit was present on the number of pipelined requests that could be queued. An attacker may be able to use pipelined requests to use excessive amounts of memory, potentially leading to DoS. This...

8.7CVSS5.8AI score0.00279EPSS
Exploits0References3
OSV
OSV
added 2026/06/22 6:16 p.m.2 views

UBUNTU-CVE-2026-54276

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, DigestAuthMiddleware can send an authentication response after following a cross-origin redirect. This likely requires an open redirect vulnerability or similar on the target domain for an attacker to...

6.3CVSS5.9AI score0.00178EPSS
Exploits0References3
OSV
OSV
added 2026/06/02 8:16 p.m.8 views

UBUNTU-CVE-2026-47265

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.14.0, cookies set with the cookies parameter on requests are sent after following a cross-origin redirect. If a developer uses the cookies parameter on a per-request basis then sensitive data might ...

8.7CVSS5.3AI score0.0015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/01/06 12:0 a.m.34 views

SUSE SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2024:0034-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0034-1 advisory. - CVE-2023-49081: fixed an HTTP header injection via a crafted version bsc1217684. Tenable has extracted the preceding...

7.2CVSS6.7AI score0.00874EPSS
Exploits1References4
Rows per page
Query Builder