4 matches found
CVE-2026-54274 AIOHTTP: Incomplete websocket frame payloads bypass memory limits
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, if an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use. This vulnerability is fixed in 3.14.1...
Linux Distros Unpatched Vulnerability : CVE-2026-54278
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to 3.14.1, during cleanup it is possible for a compressed request body to ...
PT-2024-4076 · Helm +2 · Helm +2
Name of the Vulnerable Software and Affected Versions: Helm versions prior to 3.14.1 Description: The issue is related to the Helm client or SDK saving a chart outside its expected directory based on changes in the relative path within the Chart.yaml file. This occurs when the chart's name includ...
CVE-2019-19229
admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.14.1 HM 1.12.1 allows action=download&filename= Directory Traversal...