Lucene search
K

10 matches found

NVD
NVD
added 2026/01/06 12:15 a.m.14 views

CVE-2025-69228

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a request to be crafted in such a way that an AIOHTTP server's memory fills up uncontrollably during processing. If an application includes a handler that uses the Request.post method, ...

8.7CVSS0.00347EPSS
Exploits0References2
OSV
OSV
added 2026/01/06 12:15 a.m.8 views

AZL-73535 CVE-2025-69229 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read method in an endpoint, it...

8.7CVSS5.7AI score0.00338EPSS
Exploits0References1
OSV
OSV
added 2026/01/06 12:15 a.m.3 views

DEBIAN-CVE-2025-69229

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks. If an application makes use of the request.read method in an endpoint, it...

5.3CVSS7.5AI score0.00338EPSS
Exploits0References1
OSV
OSV
added 2026/01/06 12:15 a.m.1 views

DEBIAN-CVE-2025-69230

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs...

5.3CVSS7.5AI score0.00332EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/01/06 12:0 a.m.10 views

CVE-2025-69230

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs...

6.9CVSS7AI score0.00332EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/06 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-69230

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a...

6.9CVSS7.1AI score0.00332EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/01/05 11:47 p.m.3 views

CVE-2025-69230

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. In versions 3.13.2 and below, reading multiple invalid cookies can lead to a logging storm. If the cookies attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs...

6.9CVSS6.7AI score0.00332EPSS
Exploits0
OSV
OSV
added 2026/01/05 11:19 p.m.4 views

CVE-2025-69227 AIOHTTP vulnerable to DoS when bypassing asserts

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow for an infinite loop to occur when assert statements are bypassed, resulting in a DoS attack when processing a POST body. If optimizations are enabled -O or PYTHONOPTIMIZE=1, and the...

8.7CVSS6.8AI score0.00337EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/05 10:58 p.m.3 views

EUVD-2025-206229

AIOHTTP's HTTP Parser autodecompress feature is vulnerable to zip bomb...

7.5CVSS6.1AI score0.00487EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2026/01/05 10:0 p.m.3 views

CVE-2025-69223

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory...

7.5CVSS7AI score0.00487EPSS
Exploits0
Rows per page
Query Builder