Security: aio-libs/aiohttp
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
DoS through chunked messagesGHSA-g84x-mcqj-x9qq published
Jan 5, 2026 by DreamsorcererModerate -
Cookie Parser Warning StormGHSA-fh55-r93g-j68g published
Jan 5, 2026 by DreamsorcererLow -
Denial of service through large payloadsGHSA-6jhg-hg63-jvvf published
Jan 5, 2026 by DreamsorcererHigh -
DoS when bypassing assertsGHSA-jj3x-wxrx-4x23 published
Jan 5, 2026 by DreamsorcererHigh -
Brute-force leak of internal static file path componentsGHSA-54jq-c3m8-4m76 published
Jan 5, 2026 by DreamsorcererLow -
Unicode match groups in regexes for ASCII protocol elementsGHSA-mqqc-3gqh-h2x8 published
Jan 5, 2026 by DreamsorcererLow -
Unicode processing of header values could cause parsing discrepanciesGHSA-69f9-5gxw-wvc2 published
Jan 5, 2026 by DreamsorcererLow -
Request smuggling due to incorrect parsing of chunked trailer sectionGHSA-9548-qrrj-x5pj published
Jul 14, 2025 by DreamsorcererLow -
Memory leak when middlewares are usedGHSA-27mf-ghqm-j3j8 published
Nov 18, 2024 by DreamsorcererModerate -
Request smuggling due to incorrect parsing of chunk extensionsGHSA-8495-4g3g-x7pr published
Nov 18, 2024 by DreamsorcererLow