Lucene search
+L

15 matches found

debian
debian
added 2026/06/01 4:56 a.m.15 views

[SECURITY] [DLA 4613-1] python-aiohttp security update

Debian LTS Advisory DLA-4613-1 [email protected] https://www.debian.org/lts/security/ Daniel Leidert June 01, 2026 https://wiki.debian.org/LTS Package : python-aiohttp Version : 3.7.4-1+deb11u2 CVE ID : CVE-2025-53643 CVE-2025-69224 CVE-2025-69225 CVE-2025-69226 CVE-2025-69227...

9.1CVSS6.8AI score0.00461EPSS
Exploits0
nessus
nessus
added 2026/06/01 12:0 a.m.11 views

Debian dla-4613 : python-aiohttp-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4613 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4613-1 [email protected]...

9.1CVSS6.8AI score0.00461EPSS
Exploits0References34
ibm
ibm
added 2026/03/25 1:12 p.m.7 views

Security Bulletin: Vulnerability in AIOHTTP bundled with IBM Fusion Content-Aware Storage.

Summary IBM Fusion Content-Aware Storage includes AIOHTTP which could allow DoS, request smuggling, logging storm attacks. The target service within Content-Aware Storage is vLLM, and this service is accessible only on the private network within kubernetes, and requires this private network acces...

8.7CVSS6.9AI score0.00487EPSS
Exploits0Affected Software1
nessus
nessus
added 2026/03/13 12:0 a.m.5 views

SUSE SLES15 Security Update : python-aiohttp (SUSE-SU-2026:0859-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0859-1 advisory. - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal...

8.7CVSS6AI score0.00487EPSS
Exploits0References23
openvas
openvas
added 2026/03/11 12:0 a.m.2 views

SUSE: Security Advisory (SUSE-SU-2026:0858-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS5.8AI score0.00487EPSS
Exploits0References10
opensuse
opensuse
added 2026/02/14 12:0 a.m.5 views

Security update for python-aiohttp, python-Brotli (important)

openSUSE security update: security update for python-aiohttp, python-brotli ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20204-1 Rating: important References: bsc1246517 bsc1254867 bsc1256017 bsc1256018 bsc1256019 bsc1256020 bsc1256021 bsc1256022...

8.7CVSS5.6AI score0.00487EPSS
Exploits0References9
opensuse
opensuse
added 2026/01/10 12:0 a.m.2 views

python311-aiohttp-3.13.3-1.1 on GA media (moderate)

python311-aiohttp-3.13.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10025-1 Rating: moderate Cross-References: CVE-2025-69223 CVE-2025-69224 CVE-2025-69225 CVE-2025-69226 CVE-2025-69227 CVE-2025-69228 CVE-2025-69229 CVE-2025-69230 CVSS scores: CVE-2025-69223 SUSE : 7.5...

8.7CVSS7.3AI score0.00487EPSS
Exploits0
wolfi
wolfi
added 2026/01/08 1:48 a.m.6 views

CVE-2025-69224 vulnerabilities

Vulnerabilities for packages: open-webui, checkov, kubeflow-pipelines-visualization-server, py3-cassandra-medusa, kserve, dask-kubernetes...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
openvas
openvas
added 2026/01/07 12:0 a.m.6 views

aiohttp < 3.13.3 Multiple Vulnerabilities - Windows

aiohttp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...

8.7CVSS7.6AI score0.00487EPSS
Exploits0References9
openvas
openvas
added 2026/01/07 12:0 a.m.9 views

aiohttp < 3.13.3 Multiple Vulnerabilities - Linux

aiohttp is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:aio-libsproject:aiohttp";...

8.7CVSS6.6AI score0.00487EPSS
Exploits0References9
nessus
nessus
added 2026/01/06 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2025-69224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smugglin...

6.5CVSS7.3AI score0.00213EPSS
Exploits0References3
nvd
nvd
added 2026/01/05 11:15 p.m.7 views

CVE-2025-69224

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...

6.5CVSS0.00213EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2026/01/05 10:58 p.m.7 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1244 more potentially affected by CVE-2025-69224 via aiohttp (>=0.13.1 <=3.13.2)

aiohttp PYPI version =0.13.1, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: OSV:GHSA-69F9-5GXW-WVC2...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
vulnersosv
vulnersosv
added 2026/01/05 10:58 p.m.4 views

a-mailx (=0.1.0), aba-cli-scrapper (>=0.1.1 <=0.1.6) +1115 more potentially affected by CVE-2025-69224 via aiohttp (>=3.0.0b0 <=3.13.2)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =0.1.0, =0.1.31, =0.1.37 and more Source cves: CVE-2025-69224 Source advisory: SNYK:PYTHON-AIOHTTP-14871873...

6.5CVSS6.8AI score0.00213EPSS
Exploits0
cve
cve
added 2026/01/05 10:35 p.m.34 views

CVE-2025-69224

AIOHTTP (Python) vulnerability CVE-2025-69224 affects versions 3.13.2 and below of the Python HTTP parser. The issue arises from how non-ASCII characters may enable a request smuggling attack, potentially bypassing firewalls or proxy protections when a pure-Python build is used or AIOHTTP_NO_EXTE...

6.5CVSS6.6AI score0.00213EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder