1131 matches found
Linux Distros Unpatched Vulnerability : CVE-2024-30251
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can send a specially crafted POST...
Security Bulletin: Multiple security vulnerabilities are addressed with IBM Process Mining Interim Fix for Aug 2025
Summary In addition to many updates of operating system level packages, the following security vulnerabilities are addressed with IBM Process Mining 2.0.2 IF001 Vulnerability Details CVEID:CVE-2025-53643 DESCRIPTION: AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python...
Malicious code in aiohttp-proxies-forked (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aiohttp-proxies-fork (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41618 Malicious code in aiohttp-proxies-forked (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41617 Malicious code in aiohttp-proxies-fork (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Malicious code in aiohttp-proxies-connector (PyPI)
--- -= Per source details. Do not edit below this line.=-...
MAL-2025-41616 Malicious code in aiohttp-proxies-connector (PyPI)
--- -= Per source details. Do not edit below this line.=-...
Linux Distros Unpatched Vulnerability : CVE-2023-49082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request...
Linux Distros Unpatched Vulnerability : CVE-2024-23334
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. When using aiohttp as a web server and configuring static routes, it is necessar...
Linux Distros Unpatched Vulnerability : CVE-2025-53643
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling...
Linux Distros Unpatched Vulnerability : CVE-2024-52303
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur...
Ubuntu: Security Advisory (USN-7642-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : AIOHTTP vulnerabilities (USN-7642-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7642-1 advisory. Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this...
aioHTTP < 3.12.14 Request Smuggling (CVE-2025-53643)
The version of aioHTTP installed on the remote host is prior to 3.12.14. It is, therefore, affected by a request smuggling vulnerability: - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Linux
aiohttp is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
USN-7642-1: AIOHTTP vulnerabilities
Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...
USN-7642-1 python-aiohttp vulnerabilities
Ben Kallus discovered that AIOHTTP did not correctly parse HTTP headers. A remote attacker could possibly use this issue to perform request smuggling. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2023-47627 Ivan Novikov discovered that AIOHTTP did not properly validate...
aiohttp < 3.12.14 HTTP Request Smuggling Vulnerability - Windows
aiohttp is prone to an HTTP request smuggling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
HTTP Request Smuggling
aiohttp is vulnerable to HTTP request smuggling. The vulnerability is due to improper parsing of trailer sections in HTTP requests when the pure Python version of aiohttp is used or the AIOHTTPNOEXTENSIONS flag is enabled, which allows an attacker to smuggle HTTP requests and potentially bypass...