151 matches found
SUSE SLES16 Security Update : python-aiohttp (SUSE-SU-2026:22173-1)
The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:22173-1 advisory. This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denia...
OPENSUSE-SU-2026:11097-1 python311-aiohttp-3.14.1-1.1 on GA media
These are all security issues fixed in the python311-aiohttp-3.14.1-1.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:21098-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denial of service bsc1261320. - CVE-2026-34513: unbounded DNS cache can cause a denial of service bsc1261321. - CVE-2026-34514: contenttype parameter manipulation can lead ...
SUSE-SU-2026:22173-1 Security update for python-aiohttp
This update for python-aiohttp fixes the following issues - CVE-2026-22815: insufficient header/trailer handling can cause a denial of service bsc1261320. - CVE-2026-34513: unbounded DNS cache can cause a denial of service bsc1261321. - CVE-2026-34514: contenttype parameter manipulation can lead ...
OESA-2026-2563 python-aiohttp security update
Async http client/server framework asyncio. Security Fixes: Most applications using this function will be doing so with the user's own data, so this is unlikely to affect many applications.CVE-2026-34993 If a developer uses the cookies parameter on a per-request basis then sensitive data might be...
OPENSUSE-SU-2026:10963-1 python311-aiohttp-3.14.0-1.1 on GA media
These are all security issues fixed in the python311-aiohttp-3.14.0-1.1 package on the GA media of openSUSE Tumbleweed...
[SECURITY] [DLA 4613-1] python-aiohttp security update
Debian LTS Advisory DLA-4613-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert June 01, 2026 https://wiki.debian.org/LTS Package : python-aiohttp Version : 3.7.4-1+deb11u2 CVE ID : CVE-2025-53643 CVE-2025-69224 CVE-2025-69225 CVE-2025-69226 CVE-2025-69227...
Debian dla-4613 : python-aiohttp-doc - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4613 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4613-1 [email protected]...
[SECURITY] [DSA 6141-1] python-aiohttp security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6241-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 01, 2026 https://www.debian.org/security/faq -...
ROS-20260420-73-0023
Vulnerability in python-aiohttp related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0021
Vulnerability in python-aiohttp related to unrestricted resource allocation. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0025
Vulnerability in python-aiohttp related to lack of service data protection. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...
ROS-20260420-73-0024
Vulnerability in python-aiohttp related to execution of a loop with an unreachable exit condition. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260420-73-0019
Vulnerability in python-aiohttp related to incorrect handling of highly compressed input data. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...
ROS-20260420-73-0026
Vulnerability in python-aiohttp related to a flaw in http request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden http request http request smuggling attack...
ROS-20260420-73-0027
Vulnerability in python-aiohttp related to a flaw in http request handling. Exploitation of the vulnerability could allow a remote attacker to send a hidden http request http request smuggling attack...
a-mailx (=0.1.0), a2a-acl (=0.0.15) +1211 more potentially affected by CVE-2026-34517 via aiohttp (>=3.0.0b0 <=3.13.3)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34517 Source advisory: SNYK:PYTHON-AIOHTTP-15873734...
a-mailx (=0.1.0), a2a-acl (=0.0.15) +1211 more potentially affected by CVE-2026-34513 via aiohttp (>=3.0.0b0 <=3.13.3)
aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34513 Source advisory: SNYK:PYTHON-AIOHTTP-15873737...
UBUNTU-CVE-2026-22815
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...
CVE-2026-22815 AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...