Количество 8
Количество 8
GHSA-mqqc-3gqh-h2x8
AIOHTTP has unicode match groups in regexes for ASCII protocol elements
CVE-2025-69225
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3.
CVE-2025-69225
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3.
CVE-2025-69225
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3.
CVE-2025-69225
AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ...
SUSE-SU-2026:0859-1
Security update for python-aiohttp
SUSE-SU-2026:0858-1
Security update for python-aiohttp
openSUSE-SU-2026:20204-1
Security update for python-aiohttp, python-Brotli
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| GHSA-mqqc-3gqh-h2x8 AIOHTTP has unicode match groups in regexes for ASCII protocol elements | 0% Низкий | 3 месяца назад | |
 | CVE-2025-69225 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | CVE-2025-69225 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3. | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
 | CVE-2025-69225 AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3. | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
| CVE-2025-69225 AIOHTTP is an asynchronous HTTP client/server framework for asyncio an ... | CVSS3: 5.3 | 0% Низкий | 3 месяца назад |
 | SUSE-SU-2026:0859-1 Security update for python-aiohttp | 24 дня назад | ||
| SUSE-SU-2026:0858-1 Security update for python-aiohttp | 24 дня назад | ||
| openSUSE-SU-2026:20204-1 Security update for python-aiohttp, python-Brotli | около 2 месяцев назад |
Уязвимостей на страницу