Количество 8
Количество 8
CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3.
CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3.
CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3.
CVE-2025-69223
AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ...
GHSA-6mq8-rvhq-8wgg
AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
SUSE-SU-2026:0859-1
Security update for python-aiohttp
SUSE-SU-2026:0858-1
Security update for python-aiohttp
openSUSE-SU-2026:20204-1
Security update for python-aiohttp, python-Brotli
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-69223 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-69223 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | CVE-2025-69223 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the host's memory. This issue is fixed in version 3.13.3. | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| CVE-2025-69223 AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ... | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
| GHSA-6mq8-rvhq-8wgg AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb | CVSS3: 7.5 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2026:0859-1 Security update for python-aiohttp | 24 дня назад | ||
| SUSE-SU-2026:0858-1 Security update for python-aiohttp | 24 дня назад | ||
| openSUSE-SU-2026:20204-1 Security update for python-aiohttp, python-Brotli | около 2 месяцев назад |
Уязвимостей на страницу