Vulnerabilities > Aiohttp

DATE CVE VULNERABILITY TITLE RISK
2024-01-29 CVE-2024-23334 Path Traversal vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp fedoraproject CWE-22
7.5
2024-01-29 CVE-2024-23829 HTTP Request Smuggling vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp fedoraproject CWE-444
6.5
2023-11-30 CVE-2023-49081 Unspecified vulnerability in Aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp
5.3
2023-11-29 CVE-2023-49082 CRLF Injection vulnerability in Aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp CWE-93
5.3
2023-11-14 CVE-2023-47627 HTTP Request Smuggling vulnerability in Aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp CWE-444
7.5
2023-11-14 CVE-2023-47641 HTTP Request Smuggling vulnerability in Aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp CWE-444
6.5
2023-07-19 CVE-2023-37276 HTTP Request Smuggling vulnerability in Aiohttp
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp CWE-444
7.5
2022-06-23 CVE-2022-33124 Unspecified vulnerability in Aiohttp 3.8.1
AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS).
local
low complexity
aiohttp
5.5
2021-02-26 CVE-2021-21330 Open Redirect vulnerability in multiple products
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.
network
low complexity
aiohttp debian fedoraproject CWE-601
6.1