Lucene search
+L

5 matches found

Wolfi
Wolfi
added 2026/04/07 1:48 a.m.7 views

CVE-2026-34517 vulnerabilities

Vulnerabilities for packages: kserve, dask-kubernetes, open-webui, kubeflow-pipelines-visualization-server, airflow, checkov, py3-cassandra-medusa...

6.9CVSS4.7AI score0.00384EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/03 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-34517

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire...

6.9CVSS5.4AI score0.00384EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2026/04/01 9:47 p.m.4 views

a-mailx (=0.1.0), a2a-acl (=0.0.15) +1211 more potentially affected by CVE-2026-34517 via aiohttp (>=3.0.0b0 <=3.13.3)

aiohttp PYPI version =3.0.0b0, =0.1.1, =0.1.0b0, =1.1.0, =1.0.1, =0.0.0, =0.0.2, =4.8.2, =0.0.3, =0.1.3, =0.4.0, =56.0.0, =72.0.0 and more Source cves: CVE-2026-34517 Source advisory: SNYK:PYTHON-AIOHTTP-15873734...

6.9CVSS5.8AI score0.00384EPSS
Exploits0
CVE
CVE
added 2026/04/01 8:14 p.m.40 views

CVE-2026-34517

CVE-2026-34517 (AIOHTTP) affects the AIOHTTP Python library. Before version 3.13.4, some multipart form fields caused the library to read the entire field into memory before enforcing the request size limit (client_max_size), creating a potential memory-based denial of service. The issue has been...

6.9CVSS5.8AI score0.00384EPSS
Exploits0References3Affected Software1
AlpineLinux
AlpineLinux
added 2026/04/01 8:14 p.m.7 views

CVE-2026-34517

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, for some multipart form fields, aiohttp read the entire field into memory before checking clientmaxsize. This issue has been patched in version 3.13.4...

6.9CVSS5.3AI score0.00384EPSS
Exploits0
Rows per page
Query Builder