10 matches found
[SECURITY] [DLA 4613-1] python-aiohttp security update
Debian LTS Advisory DLA-4613-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert June 01, 2026 https://wiki.debian.org/LTS Package : python-aiohttp Version : 3.7.4-1+deb11u2 CVE ID : CVE-2025-53643 CVE-2025-69224 CVE-2025-69225 CVE-2025-69226 CVE-2025-69227...
Debian dla-4613 : python-aiohttp-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4613 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4613-1 [email protected]...
RHEL 9 : Satellite 6.18.3 Async Update (Important) (RHSA-2026:2760)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2760 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...
Security update for python-aiohttp, python-Brotli (important)
openSUSE security update: security update for python-aiohttp, python-brotli ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20204-1 Rating: important References: bsc1246517 bsc1254867 bsc1256017 bsc1256018 bsc1256019 bsc1256020 bsc1256021 bsc1256022...
Low: Red Hat Security Advisory: Red Hat OpenShift Service Mesh 3.0.7
Red Hat OpenShift Service Mesh 3.0.7 Red Hat OpenShift Service Mesh 3.0.7, which is based on the open source Istio project, addresses a variety of problems in a microservice architecture by creating a centralized point of control in an application. Security Fixes: istio-proxyv2-rhel9: AIOHTTP is...
SUSE SLES15 Security Update : python-aiohttp (SUSE-SU-2025:03201-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03201-1 advisory. - CVE-2025-53643: request smuggling vulnerability due to incorrect parsing trailer sections of an HTTP request bsc1246517. Tenable has...
SUSE-SU-2025:03057-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues: - CVE-2025-53643: Fixed request smuggling due to incorrect parsing of chunked trailer section bsc1246517...
CVE-2025-53643 vulnerabilities
Vulnerabilities for packages: text-generation-inference, py3.10-vllm-cuda-11.8, py3.13-scanner-test-libraries-aiohttp, airflow, airflow-core, py3-vllm-cuda-12.4, py3-cassandra-medusa, dask-kubernetes, apache-beam-python-3.11-sdk, request-1276...
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed i.e. without the...
aba-cli-scrapper (>=0.1.1 <=0.1.6), academic-metrics (>=0.1.0b0 <=1.0.99) +905 more potentially affected by CVE-2025-53643 via aiohttp (>=3.0.0b0 <=3.12.13)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =56.0.0, =0.1.0, =0.1.31, =1.0.1, =1.2.0 - ahttp-client =1.0.3 and more Source cves: CVE-2025-53643 Source advisory: SNYK:PYTHON-AIOHTTP-10742466...