Fedora 43 : python-aiohttp (2026-66cb8ecfc2)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-66cb8ecfc2 advisory. https://github.com/aio-libs/aiohttp/blob/v3.13.3/CHANGES.rst Tenable has extracted the preceding description block directly from the Fedora security advisory...

Security update for python-aiohttp, python-Brotli (important)

openSUSE security update: security update for python-aiohttp, python-brotli ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20204-1 Rating: important References: bsc1246517 bsc1254867 bsc1256017 bsc1256018 bsc1256019 bsc1256020 bsc1256021 bsc1256022...

OPENSUSE-SU-2026:20204-1 Security update for python-aiohttp, python-Brotli

This update for python-aiohttp, python-Brotli fixes the following issues: Changes in python-aiohttp: - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. - CVE-2025-69224: Fixed...

SUSE-SU-2026:20425-1 Security update for python-aiohttp, python-Brotli

This update for python-aiohttp, python-Brotli fixes the following issues: Changes in python-aiohttp: - CVE-2025-69228: Fixed denial of service through large payloads bsc1256022. - CVE-2025-69226: Fixed brute-force leak of internal static file path components bsc1256020. - CVE-2025-69224: Fixed...

OPENSUSE-SU-2026:10025-1 python311-aiohttp-3.13.3-1.1 on GA media

These are all security issues fixed in the python311-aiohttp-3.13.3-1.1 package on the GA media of openSUSE Tumbleweed...

AZL-73500 CVE-2025-69225 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request...

AZL-73523 CVE-2025-69225 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request...

AZL-73526 CVE-2025-69226 affecting package python-aiohttp 3.6.2-3

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below enable an attacker to ascertain the existence of absolute path components through the path normalization logic for static files meant to prevent path traversal. If an application uses...

SUSE SLES15 Security Update : python-aiohttp (SUSE-SU-2025:03201-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03201-1 advisory. - CVE-2025-53643: request smuggling vulnerability due to incorrect parsing trailer sections of an HTTP request bsc1246517. Tenable has...

Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: CVE-2025-53643: request smuggling vulnerability due to incorrect parsing trailer sections of an HTTP request bsc1246517. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

SUSE-SU-2025:03201-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2025-53643: request smuggling vulnerability due to incorrect parsing trailer sections of an HTTP request bsc1246517...

openSUSE Security Advisory (SUSE-SU-2025:03057-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-aiohttp (SUSE-SU-2025:03057-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2025:03057-1 advisory. - CVE-2025-53643: Fixed request smuggling due to incorrect parsing of chunked trailer section bsc1246517...

SUSE-SU-2025:03057-1 Security update for python-aiohttp

This update for python-aiohttp fixes the following issues: - CVE-2025-53643: Fixed request smuggling due to incorrect parsing of chunked trailer section bsc1246517...

Fedora: Security Advisory (FEDORA-2024-8deaadd998)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-49df7093ac)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-c4a71dab58)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-4041-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 4041-1] python-aiohttp security update

Debian LTS Advisory DLA-4041-1 [email protected] https://www.debian.org/lts/security/ Jochen Sprickerhof February 03, 2025 https://wiki.debian.org/LTS Package : python-aiohttp Version : 3.7.4-1+deb11u1 CVE ID : CVE-2023-47627 CVE-2023-47641 CVE-2023-49081 CVE-2023-49082 CVE-2024-23334...

Debian dla-4041 : python-aiohttp-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4041 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4041-1 [email protected]...