10 matches found
EUVD-2024-3176
Malicious code in bioql PyPI...
Memory Leakage
aiohttp is vulnerable to Memory Leakage. The vulnerability is due to improper handling of MatchInfoError, where each error creates a unique cache entry, allowing an attacker to exhaust server memory with numerous requests...
aioHTTP 3.10.6 < 3.10.11 Memory Leak
The version of aioHTTP installed on the remote host is prior to 3.10.11. It is, therefore, affected by a memory leak vulnerability. aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a...
CVE-2024-52303
A flaw was found in the aiohttp package. A memory leak can occur in certain configurations when a request produces a MatchInfoError. This issue was caused by adding an entry to a cache on each request due to the building of each MatchInfoError producing a unique cache entry. An attacker may be ab...
Missing Release of Resource after Effective Lifetime
Overview Affected versions of this package are vulnerable to Missing Release of Resource after Effective Lifetime by creating a unique cache entry for each MatchInfoError when a request method is not allowed. This can lead to unbounded cache growth, resulting in a memory leak. Remediation Upgrade...
aiohttp has a memory leak when middleware is enabled when requesting a resource with a non-allowed method
Summary A memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each MatchInfoError producing a unique cache entry. Impact If the user is making use of any middlewares with aiohttp.web then it is...
CVE-2024-52303
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each...
UBUNTU-CVE-2024-52303
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each...
CVE-2024-52303 aiohttp memory leak when middleware is enabled when requesting a resource with a non-allowed method
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each...
CVE-2024-52303 aiohttp memory leak when middleware is enabled when requesting a resource with a non-allowed method
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In versions starting with 3.10.6 and prior to 3.10.11, a memory leak can occur when a request produces a MatchInfoError. This was caused by adding an entry to a cache on each request, due to the building of each...