Количество 9
Количество 9
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue.
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue.
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue.
CVE-2025-53643
AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ...
SUSE-SU-2025:03201-1
Security update for python-aiohttp
SUSE-SU-2025:03057-1
Security update for python-aiohttp
GHSA-9548-qrrj-x5pj
AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
BDU:2025-15590
Уязвимость HTTP-клиента aiohttp, связанная с непоследовательной интерпретацией HTTP-запросов, позволяющая нарушителю осуществлять атаки с подменой HTTP-запросов
ROS-20251203-08
Уязвимость chromium
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-53643 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-53643 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue. | CVSS3: 3.7 | 0% Низкий | 5 месяцев назад |
 | CVE-2025-53643 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.12.14, the Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request. If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections. Version 3.12.14 contains a patch for this issue. | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
| CVE-2025-53643 AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ... | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | SUSE-SU-2025:03201-1 Security update for python-aiohttp | 0% Низкий | 3 месяца назад | |
| SUSE-SU-2025:03057-1 Security update for python-aiohttp | 0% Низкий | 4 месяца назад | |
| GHSA-9548-qrrj-x5pj AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections | 0% Низкий | 5 месяцев назад | |
 | BDU:2025-15590 Уязвимость HTTP-клиента aiohttp, связанная с непоследовательной интерпретацией HTTP-запросов, позволяющая нарушителю осуществлять атаки с подменой HTTP-запросов | CVSS3: 7.5 | 0% Низкий | 5 месяцев назад |
 | ROS-20251203-08 Уязвимость chromium | CVSS3: 7.5 | 0% Низкий | 15 дней назад |
Уязвимостей на страницу