Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/25 5:32 p.m.6 views

CVE-2026-54277

A flaw was found in aiohttp, an asynchronous HTTP client/server framework for Python. A remote attacker can exploit this vulnerability by sending oversized lines within an HTTP request. This bypasses the maxlinesize check in the C parser, causing the system to use an excessive amount of memory...

8.7CVSS5.9AI score0.00322EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/22 4:37 p.m.6 views

CVE-2026-54277

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the maxlinesize check in parts of an HTTP request in the C parser. If using the optimised C parser the default in pre-built wheels, then an attacker may be able to send...

8.7CVSS5.8AI score0.00322EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2026-54277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, it is possible to bypass the maxlinesize check in parts of an...

8.7CVSS6.1AI score0.00322EPSS
Exploits0References3
Snyk
Snyk
added 2026/06/15 8:9 p.m.18 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the C HTTP parser when the maxlinesize check is bypassed for fragmented lines. An attacker can cause excessive memory consumption by sending oversized HTTP request lines, potential...

8.7CVSS5.3AI score0.00322EPSS
Exploits0References2
Rows per page
Query Builder