Lucene search
K

10 matches found

cve
cve
added 2026/06/22 10:18 p.m.38 views

CVE-2026-41523

vLLM prior to 0.22.0 is affected by an assert-based security check in the activation function loading that can permit arbitrary code execution when a malicious HuggingFace model is loaded and vLLM runs in Python optimized mode. The attacker-controlled inputs are the activation function names from...

7.5CVSS6.5AI score0.00484EPSS
Exploits1References8Affected Software1
suse
suse
added 2026/03/10 4:5 p.m.5 views

Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. CVE-2025-69224: Fixed unicode processing of header values could cause...

8.7CVSS7.1AI score0.00487EPSS
Exploits0References30
osv
osv
added 2026/01/06 12:15 a.m.1 views

DEBIAN-CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

7.5CVSS7.8AI score0.00337EPSS
Exploits0References1
osv
osv
added 2026/01/06 12:15 a.m.13 views

AZL-73529 CVE-2025-69227 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS6.5AI score0.00337EPSS
Exploits0References1
nvd
nvd
added 2026/01/06 12:15 a.m.6 views

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS0.00337EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2026/01/06 12:0 a.m.4 views

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS7.1AI score0.00337EPSS
Exploits0References4
alpinelinux
alpinelinux
added 2026/01/05 11:19 p.m.3 views

CVE-2025-69227

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS7AI score0.00337EPSS
Exploits0
cve
cve
added 2026/01/05 11:19 p.m.23 views

CVE-2025-69227

CVE-2025-69227 affects AIOHTTP (async HTTP client/server for asyncio) with vulnerable versions 3.13.2 and earlier. The issue is an infinite loop that can trigger a DoS when assert statements are bypassed during POST body processing; if optimizations are enabled (-O or PYTHONOPTIMIZE=1) and a hand...

8.7CVSS6.5AI score0.00337EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/01/05 11:10 p.m.2 views

EUVD-2026-1045

AIOHTTP vulnerable to DoS when bypassing asserts...

8.7CVSS6.1AI score0.00337EPSS
Exploits0References4
github
github
added 2026/01/05 11:10 p.m.11 views

AIOHTTP vulnerable to DoS when bypassing asserts

Summary When assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body. Impact If optimisations are enabled -O or PYTHONOPTIMIZE=1, and the application includes a handler that uses the Request.post method, then an attacker may be able to...

8.7CVSS7.1AI score0.00337EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder