ROS-20260420-73-0025

Vulnerability in python-aiohttp related to lack of service data protection. Exploitation of the vulnerability may allow a remote attacker to gain unauthorized access to protected information...

a-mailx (=0.1.0), a2a-acl (=0.0.15) +1217 more potentially affected by CVE-2026-34513 via aiohttp (>=3.0.0b0 <=3.13.3)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34513 Source advisory: SNYK:PYTHON-AIOHTTP-15873737...

CVE-2026-22815 AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, insufficient restrictions in header/trailer handling could cause uncapped memory usage. This issue has been patched in version 3.13.4...

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1249 more potentially affected by CVE-2025-69229 via aiohttp (>=0.13.1 <=3.13.2)

aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69229 Source advisory: OSV:GHSA-G84X-MCQJ-X9QQ...

Fedora 41 : python-aiohttp (2024-c4a71dab58)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-c4a71dab58 advisory. Automatic update for python-aiohttp-3.9.5-1.fc41. Changelog Fri Apr 19 2024 Benjamin A. Beasley - 3.9.5-1 - Update to 3.9.5 fix RHBZ2275991, fix CVE-2024-273...