2 matches found
CVE-2026-54280
CVE-2026-54280 affects the AIOHTTP project (async HTTP client/server for asyncio/Python). Before version 3.14.1, payload resources may not be closed correctly if a client disconnects mid-write, allowing temporary resource starvation when a payload uses a limited resource (e.g., open files). The i...
GHSA-9X8Q-7H8H-WCW9 aiohttp: Payload Response Resources Are Not Closed After Mid-Body Disconnect
Summary Payload resources are not closed correctly when a client disconnects in the middle of a write. Impact If a payload is using an open file or similar limited resource, then an attacker may be able to cause resource starvation temporarily until garbage collection or similar closes the file...