Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
pypi aiohttp Security Advisories
Browse all Security Advisories for pypi aiohttp
Loading...
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
GSA_kwCzR0hTQS04NDk1LTRnM2cteDdwcs4ABBeU
aiohttp allows request smuggling due to incorrect parsing of chunk extensionsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 2 days ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 2 days ago
GSA_kwCzR0hTQS0yN21mLWdocW0tajNqOM4ABBeT
aiohttp has a memory leak when middleware is enabled when requesting a resource with a non-allowed methodEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 2 days ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: 3 months ago
GSA_kwCzR0hTQS1qd2h4LXhjZzYtOHhoas4AA-ge
In aiohttp, compressed files as symlinks are not protected from path traversalEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 23.1
Published: 3 months ago
High
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 7 months ago
GSA_kwCzR0hTQS01bTk4LXFnZzktd2g4NM4AA7vP
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requestsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 36.2
Published: 7 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 7 months ago
GSA_kwCzR0hTQS03Z3B3LTh3bWMtcG04Z84AA7Ls
aiohttp Cross-site Scripting vulnerability on index pages for static file handlingEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 29.4
Published: 7 months ago
High
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 10 months ago
GSA_kwCzR0hTQS01aDg2LThtdjItanE5Zs4AA47u
aiohttp is vulnerable to directory traversalEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 28.5
Published: 10 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 10 months ago
GSA_kwCzR0hTQS04cXB3LXhxeGotaDRyMs4AA47q
aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separatorsEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 31.3
Published: 10 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 12 months ago
GSA_kwCzR0hTQS1xM3F4LWM2ZzItN3B3Ms4AA3Yd
aiohttp's ClientSession is vulnerable to CRLF injection via versionEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 34.7
Published: 12 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: 12 months ago
GSA_kwCzR0hTQS1xdnJ3LXY5cnYtNXJqeM4AA3Yc
aiohttp's ClientSession is vulnerable to CRLF injection via methodEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: 12 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS1wamp3LXFoZzgtcDJwOc4AA3Yb
aiohttp has vulnerable dependency that is vulnerable to request smugglingEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 1 year ago
GSA_kwCzR0hTQS1nZncyLTRqdmgtd2dmZ84AA3K1
AIOHTTP has problems in HTTP parser (the python one, not llhttp)Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: about 1 year ago
Low
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: about 1 year ago
GSA_kwCzR0hTQS14eDlwLXh4dmgtN2c4as4AA3Hw
Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacksEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 16.4
Published: about 1 year ago
Moderate
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 1 year ago
GSA_kwCzR0hTQS00NWM0LTh3eDUtcXc2d84AA00K
aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parserEcosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 25.6
Published: over 1 year ago
Low
Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: over 3 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2d3AtNG02Zi1nY2pn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)Ecosystems: pypi
Packages: aiohttp
Source: GitHub Advisory Database
Blast Radius: 14.9
Published: over 3 years ago
Statistics
Advisories: 20,668
Packages: 9,040
Repositories: 1
Ecosystems: 12
Packages: 9,040
Repositories: 1
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
tensorflow
433
tensorflow-gpu
427
tensorflow-cpu
423
Django
100
apache-airflow
85
Plone
72
ansible
63
salt
56
apache-superset
51
nova
47
mlflow
46
django
44
rdiffweb
42
plone
41
vyper
38
moin
35
matrix-synapse
35
gradio
34
keystone
31
Pillow
31
opencv-python
31
opencv-contrib-python
31
pillow
26
glance
20
langchain
20
mercurial
18
mindsdb
18
cobbler
18
notebook
17
cryptography
16
neutron
16
paddlepaddle
16
PaddlePaddle
16
pyload-ng
16
calibreweb
15
ethyca-fides
15
OctoPrint
15
pyftpdlib
14
lollms
14
aiohttp
14
modoboa
14
vantage6
13
swift
12
twisted
12
wagtail
12
urllib3
12
roundup
12
zenml
12
onionshare-cli
11
horizon
11
waitress
11
trytond
11
nautobot
10
opencv-contrib-python-headless
10
opencv-python-headless
10
Flask-AppBuilder
10
sentry
10
cinder
9
zope
9
pyspark
9
python-keystoneclient
9
ryu
9
kiwitcms
9
trac
8
pgadmin4
8
label-studio
8
aubio
8
ipython
8
ckan
8
numpy
8
litellm
8
Zope
8
matrix-sydent
7
lief
7
Products.CMFPlone
7
pysaml2
7
scrapy
7
pip
7
jupyter-server
7
inventree
7
requests
6
tornado
6
Moin
6
mailman
6
mage-ai
6
apache-airflow-providers-apache-hive
6
web2py
6
tuf
6
ansible-core
6
Zope2
6
lxml
6
graphite-web
6
changedetection.io
6
aim
6
yt-dlp
6
grpc
5
dtale
5
torchserve
5
nltk
5
bleach
5
Jinja2
5
whoogle-search
5
grpcio
5
lmdb
5
paramiko
5
oauthenticator
5
saleor
5
jupyterhub
5
feedparser
5
Werkzeug
5
werkzeug
5
langchain-experimental
5
pretix
5
omero-web
5
ait-core
5
python-gnupg
5
esphome
4
onnx
4
reportlab
4
langchain-community
4
markdown2
4
nvflare
4
Keystone
4
tripleo-heat-templates
4
streamlit
4
Nova
4
langflow
4
dbt-core
4
open-webui
4
codechecker
4
FreeTAKServer-UI
4
transformers
4
jupyterlab
4
Flask-Security-Too
4
buildbot
4
pywasm3
4
Scrapy
4
bottle
4
indy-node
4
barbican
4
keylime
4
indico
4
apache-iotdb
4
software.amazon.awssdk.iotdevicesdk:aws-iot-device-sdk
4
aws-iot-device-sdk-v2
4
qutebrowser
4
awsiotsdk
4
mobsf
4
Weblate
4
apache-submarine
4
Pygments
4
Radicale
4
PyPDF2
4
jwcrypto
4
GitPython
4
httpie
4
wasmtime
4
Mezzanine
3
snowflake-connector-python
3
mistune
3
Kallithea
3
plone.supermodel
3
plone.app.dexterity
3
plone.app.theming
3
plone.app.event
3
django-cms
3
ecdsa
3
httplib2
3
io.grpc:grpc-protobuf
3
ajenti
3
ydata-profiling
3
pandasai
3
Twisted
3
django-tinymce
3
keystonemiddleware
3
ujson
3
scikit-learn
3
tinymce/tinymce
3
Red-DiscordBot
3
TinyMCE
3
tinymce
3
sanic
3
pycrypto
3
copyparty
3
django-helpdesk
3
localstack
3
dulwich
3
python-jose
3
poetry
3
wasmtime
3
bitlyshortener
3
pyyaml
3
apache-libcloud
3
wasm3
3
starlette
3
gerapy
3
sqlparse
3
h2o
3
flask
3
openstack-heat
3
Filter by Repository