3 matches found
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the TCPConnector function. An attacker can cause excessive memory consumption by making requests to a very large number of hosts, leading to resource exhaustion. Remediation Upgrad...
AIOHTTP Affected by Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector
Summary An unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. Impact If an application makes requests to a very large number of hosts, this could cause the DNS cache to continue growing and slowly use excessive amounts of memory. ----- Patch:...
CVE-2026-34513
CVE-2026-34513 affects aiohttp prior to 3.13.4, where an unbounded DNS cache could cause excessive memory usage leading to a DoS. The issue has been patched in 3.13.4. Affected component: aiohttp (async HTTP client/server for asyncio). Root cause: unbounded DNS cache memory growth. Impact: potent...