CNNVD-202601-960 Information
Jan 06, 2026
cve
CNNVD ID
CNNVD-202601-960
Related CVE
- CNNVD Published: 2026-01-06
Description (Chinese)
aiohttp是aio-libs开源的一个开源的用于 asyncio 和 Python 的异步 HTTP 客户端/服务器框架。 aiohttp 3.13.2及之前版本存在安全漏洞,该漏洞源于特制请求可导致服务器内存耗尽,可能导致拒绝服务攻击。
Description (English)
Aiohttp is an open source of aio-libs open source for asyncio and Python’s walk HTTP client/server framework. Aiohttp 3.13.2 and previous versions contain a security loophole, which stems from the fact that ad hoc requests can lead to the depletion of server memory and may lead to the denial of service attacks.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
aio-libs
Published
2026-01-06
Last Modified
2026-02-24
References
https://github.com/aio-libs/aio
Patch
https://docs.aiohttp.org/en/stable/
Share on: