Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
Typedeb
Namespacedebian
Namepython-aiohttp
Version3.11.16-1+deb13u1
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version3.13.5-1
Latest_non_vulnerable_version3.13.5-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-19q4-vzzb-8uca
vulnerability_id VCID-19q4-vzzb-8uca
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34519.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34519.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34519
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11693
published_at 2026-04-18T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.1165
published_at 2026-04-29T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11778
published_at 2026-04-24T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.1181
published_at 2026-04-21T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11732
published_at 2026-04-26T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13732
published_at 2026-04-02T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.13791
published_at 2026-04-04T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18287
published_at 2026-04-07T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18268
published_at 2026-04-16T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18323
published_at 2026-04-13T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18375
published_at 2026-04-12T12:55:00Z
11
value 0.00059
scoring_system epss
scoring_elements 0.18422
published_at 2026-04-11T12:55:00Z
12
value 0.00059
scoring_system epss
scoring_elements 0.18423
published_at 2026-04-09T12:55:00Z
13
value 0.00059
scoring_system epss
scoring_elements 0.1837
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34519
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34519
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T15:40:04Z/
url https://github.com/aio-libs/aiohttp/commit/53b35a2f8869c37a133e60bf1a82a1c01642ba2b
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T15:40:04Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-02T15:40:04Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mwh4-6h8g-pg8w
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34519
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34519
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454100
reference_id 2454100
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454100
11
reference_url https://github.com/advisories/GHSA-mwh4-6h8g-pg8w
reference_id GHSA-mwh4-6h8g-pg8w
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mwh4-6h8g-pg8w
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34519, GHSA-mwh4-6h8g-pg8w
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-19q4-vzzb-8uca
1
url VCID-5f1f-mrwv-zucz
vulnerability_id VCID-5f1f-mrwv-zucz
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34513.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34513.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34513
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-02T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.12245
published_at 2026-04-04T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16263
published_at 2026-04-24T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16369
published_at 2026-04-21T12:55:00Z
4
value 0.00052
scoring_system epss
scoring_elements 0.16335
published_at 2026-04-18T12:55:00Z
5
value 0.00052
scoring_system epss
scoring_elements 0.16315
published_at 2026-04-16T12:55:00Z
6
value 0.00052
scoring_system epss
scoring_elements 0.16386
published_at 2026-04-13T12:55:00Z
7
value 0.00052
scoring_system epss
scoring_elements 0.16441
published_at 2026-04-08T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16218
published_at 2026-04-29T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16259
published_at 2026-04-26T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16485
published_at 2026-04-11T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16355
published_at 2026-04-07T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.165
published_at 2026-04-09T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16446
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34513
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34513
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34513
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34513
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34513
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454107
reference_id 2454107
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454107
11
reference_url https://github.com/advisories/GHSA-hcc4-c3v8-rx92
reference_id GHSA-hcc4-c3v8-rx92
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hcc4-c3v8-rx92
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34513, GHSA-hcc4-c3v8-rx92
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5f1f-mrwv-zucz
2
url VCID-cg9h-fysf-xygf
vulnerability_id VCID-cg9h-fysf-xygf
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34516.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34516.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34516
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11462
published_at 2026-04-04T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-02T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.1533
published_at 2026-04-07T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.15325
published_at 2026-04-13T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15391
published_at 2026-04-12T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.1543
published_at 2026-04-11T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15468
published_at 2026-04-09T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15418
published_at 2026-04-08T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16335
published_at 2026-04-18T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16259
published_at 2026-04-26T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16263
published_at 2026-04-24T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16369
published_at 2026-04-21T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.16315
published_at 2026-04-16T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16218
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34516
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34516
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34516
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:11:32Z/
url https://github.com/aio-libs/aiohttp/commit/8a74257b3804c9aac0bf644af93070f68f6c5a6f
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:11:32Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:11:32Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-m5qp-6w8w-w647
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34516
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34516
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454112
reference_id 2454112
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454112
11
reference_url https://github.com/advisories/GHSA-m5qp-6w8w-w647
reference_id GHSA-m5qp-6w8w-w647
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m5qp-6w8w-w647
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34516, GHSA-m5qp-6w8w-w647
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cg9h-fysf-xygf
3
url VCID-d3pa-kwgz-vuag
vulnerability_id VCID-d3pa-kwgz-vuag
summary 
AIOHTTP vulnerable to  denial of service through large payloads
### Summary
A request can be crafted in such a way that an aiohttp server's memory fills up uncontrollably during processing.

### Impact
If an application includes a handler that uses the `Request.post()` method, an attacker may be able to freeze the server by exhausting the memory.

-----

Patch: https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69228.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69228.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69228
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.1943
published_at 2026-04-29T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19467
published_at 2026-04-26T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19479
published_at 2026-04-24T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19584
published_at 2026-04-21T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19572
published_at 2026-04-18T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19565
published_at 2026-04-16T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19637
published_at 2026-04-08T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19835
published_at 2026-04-04T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19557
published_at 2026-04-07T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19689
published_at 2026-04-09T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19587
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19782
published_at 2026-04-02T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19646
published_at 2026-04-12T12:55:00Z
13
value 0.00063
scoring_system epss
scoring_elements 0.19695
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69228
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69228
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:03Z/
url https://github.com/aio-libs/aiohttp/commit/b7dbd35375aedbcd712cbae8ad513d56d11cce60
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6jhg-hg63-jvvf
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:03Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6jhg-hg63-jvvf
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69228
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69228
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427254
reference_id 2427254
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427254
9
reference_url https://github.com/advisories/GHSA-6jhg-hg63-jvvf
reference_id GHSA-6jhg-hg63-jvvf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6jhg-hg63-jvvf
10
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
11
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
12
reference_url https://access.redhat.com/errata/RHSA-2026:5809
reference_id RHSA-2026:5809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5809
13
reference_url https://access.redhat.com/errata/RHSA-2026:6761
reference_id RHSA-2026:6761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6761
14
reference_url https://access.redhat.com/errata/RHSA-2026:6762
reference_id RHSA-2026:6762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6762
15
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69228, GHSA-6jhg-hg63-jvvf
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d3pa-kwgz-vuag
4
url VCID-drqp-x9gc-2qd3
vulnerability_id VCID-drqp-x9gc-2qd3
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34518.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34518.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34518
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11175
published_at 2026-04-29T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11236
published_at 2026-04-26T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11208
published_at 2026-04-18T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11277
published_at 2026-04-24T12:55:00Z
4
value 0.00038
scoring_system epss
scoring_elements 0.11337
published_at 2026-04-21T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-02T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12245
published_at 2026-04-04T12:55:00Z
7
value 0.00052
scoring_system epss
scoring_elements 0.16355
published_at 2026-04-07T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16325
published_at 2026-04-16T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16386
published_at 2026-04-13T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16446
published_at 2026-04-12T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16485
published_at 2026-04-11T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.165
published_at 2026-04-09T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16441
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34518
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34518
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:05:59Z/
url https://github.com/aio-libs/aiohttp/commit/5351c980dcec7ad385730efdf4e1f4338b24fdb6
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:05:59Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:05:59Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-966j-vmvw-g2g9
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34518
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34518
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454098
reference_id 2454098
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454098
11
reference_url https://github.com/advisories/GHSA-966j-vmvw-g2g9
reference_id GHSA-966j-vmvw-g2g9
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-966j-vmvw-g2g9
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34518, GHSA-966j-vmvw-g2g9
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drqp-x9gc-2qd3
5
url VCID-ft9z-nd6x-27dz
vulnerability_id VCID-ft9z-nd6x-27dz
summary 
AIOHTTP has unicode match groups in regexes for ASCII protocol elements
### Summary

The parser allows non-ASCII decimals to be present in the Range header.

### Impact

There is no known impact, but there is the possibility that there's a method to exploit a request smuggling vulnerability.

----

Patch: https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69225.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69225.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69225
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13843
published_at 2026-04-29T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.1391
published_at 2026-04-26T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13936
published_at 2026-04-24T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13935
published_at 2026-04-13T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.14126
published_at 2026-04-04T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13932
published_at 2026-04-07T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.14014
published_at 2026-04-08T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.14067
published_at 2026-04-09T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.14022
published_at 2026-04-11T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.13985
published_at 2026-04-12T12:55:00Z
10
value 0.00045
scoring_system epss
scoring_elements 0.13905
published_at 2026-04-21T12:55:00Z
11
value 0.00045
scoring_system epss
scoring_elements 0.14072
published_at 2026-04-02T12:55:00Z
12
value 0.00045
scoring_system epss
scoring_elements 0.13833
published_at 2026-04-18T12:55:00Z
13
value 0.00045
scoring_system epss
scoring_elements 0.13839
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69225
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69225
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69225
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:19Z/
url https://github.com/aio-libs/aiohttp/commit/c7b7a044f88c71cefda95ec75cdcfaa4792b3b96
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mqqc-3gqh-h2x8
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:19Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mqqc-3gqh-h2x8
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69225
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69225
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427253
reference_id 2427253
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427253
9
reference_url https://github.com/advisories/GHSA-mqqc-3gqh-h2x8
reference_id GHSA-mqqc-3gqh-h2x8
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqqc-3gqh-h2x8
10
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69225, GHSA-mqqc-3gqh-h2x8
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ft9z-nd6x-27dz
6
url VCID-g4rj-1kzy-pkft
vulnerability_id VCID-g4rj-1kzy-pkft
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34525.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34525.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34525
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24814
published_at 2026-04-02T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24852
published_at 2026-04-04T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27783
published_at 2026-04-12T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27825
published_at 2026-04-11T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.2782
published_at 2026-04-09T12:55:00Z
5
value 0.001
scoring_system epss
scoring_elements 0.27777
published_at 2026-04-08T12:55:00Z
6
value 0.001
scoring_system epss
scoring_elements 0.27709
published_at 2026-04-07T12:55:00Z
7
value 0.001
scoring_system epss
scoring_elements 0.27734
published_at 2026-04-16T12:55:00Z
8
value 0.001
scoring_system epss
scoring_elements 0.27726
published_at 2026-04-13T12:55:00Z
9
value 0.00119
scoring_system epss
scoring_elements 0.30498
published_at 2026-04-29T12:55:00Z
10
value 0.00119
scoring_system epss
scoring_elements 0.30894
published_at 2026-04-18T12:55:00Z
11
value 0.00119
scoring_system epss
scoring_elements 0.3086
published_at 2026-04-21T12:55:00Z
12
value 0.00119
scoring_system epss
scoring_elements 0.30698
published_at 2026-04-24T12:55:00Z
13
value 0.00119
scoring_system epss
scoring_elements 0.30582
published_at 2026-04-26T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34525
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34525
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34525
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/commit/53e2e6fc58b89c6185be7820bd2c9f40216b3000
6
reference_url https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/commit/e00ca3cca92c465c7913c4beb763a72da9ed8349
7
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
8
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-c427-h43c-vf67
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34525
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34525
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454096
reference_id 2454096
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454096
12
reference_url https://github.com/advisories/GHSA-c427-h43c-vf67
reference_id GHSA-c427-h43c-vf67
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c427-h43c-vf67
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34525, GHSA-c427-h43c-vf67
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g4rj-1kzy-pkft
7
url VCID-hyh4-58xy-xfge
vulnerability_id VCID-hyh4-58xy-xfge
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34517.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34517.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34517
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12245
published_at 2026-04-04T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-02T12:55:00Z
2
value 0.00051
scoring_system epss
scoring_elements 0.15771
published_at 2026-04-29T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15744
published_at 2026-04-16T12:55:00Z
4
value 0.00051
scoring_system epss
scoring_elements 0.15753
published_at 2026-04-18T12:55:00Z
5
value 0.00051
scoring_system epss
scoring_elements 0.15796
published_at 2026-04-21T12:55:00Z
6
value 0.00051
scoring_system epss
scoring_elements 0.15817
published_at 2026-04-24T12:55:00Z
7
value 0.00051
scoring_system epss
scoring_elements 0.15814
published_at 2026-04-26T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16485
published_at 2026-04-11T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16446
published_at 2026-04-12T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16355
published_at 2026-04-07T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16441
published_at 2026-04-08T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.165
published_at 2026-04-09T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16386
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34517
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34517
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/commit/cbb774f38330563422ca0c413a71021d7b944145
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-3wq7-rqq7-wx6j
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34517
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34517
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454095
reference_id 2454095
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454095
11
reference_url https://github.com/advisories/GHSA-3wq7-rqq7-wx6j
reference_id GHSA-3wq7-rqq7-wx6j
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3wq7-rqq7-wx6j
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34517, GHSA-3wq7-rqq7-wx6j
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyh4-58xy-xfge
8
url VCID-k122-7d38-2ug5
vulnerability_id VCID-k122-7d38-2ug5
summary 
AIOHTTP is vulnerable to HTTP Request/Response Smuggling through incorrect parsing of chunked trailer sections
### Summary
The Python parser is vulnerable to a request smuggling vulnerability due to not parsing trailer sections of an HTTP request.

### Impact
If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.

----

Patch: https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53643.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53643.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-53643
reference_id
reference_type
scores
0
value 0.00078
scoring_system epss
scoring_elements 0.23245
published_at 2026-04-02T12:55:00Z
1
value 0.00078
scoring_system epss
scoring_elements 0.23152
published_at 2026-04-08T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23289
published_at 2026-04-04T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23078
published_at 2026-04-07T12:55:00Z
4
value 0.00086
scoring_system epss
scoring_elements 0.24852
published_at 2026-04-18T12:55:00Z
5
value 0.00086
scoring_system epss
scoring_elements 0.24858
published_at 2026-04-16T12:55:00Z
6
value 0.00086
scoring_system epss
scoring_elements 0.24847
published_at 2026-04-13T12:55:00Z
7
value 0.00086
scoring_system epss
scoring_elements 0.24901
published_at 2026-04-12T12:55:00Z
8
value 0.00086
scoring_system epss
scoring_elements 0.2494
published_at 2026-04-11T12:55:00Z
9
value 0.00086
scoring_system epss
scoring_elements 0.24925
published_at 2026-04-09T12:55:00Z
10
value 0.00086
scoring_system epss
scoring_elements 0.24716
published_at 2026-04-29T12:55:00Z
11
value 0.00086
scoring_system epss
scoring_elements 0.24762
published_at 2026-04-26T12:55:00Z
12
value 0.00086
scoring_system epss
scoring_elements 0.24773
published_at 2026-04-24T12:55:00Z
13
value 0.00086
scoring_system epss
scoring_elements 0.2483
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-53643
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53643
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53643
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T14:43:18Z/
url https://github.com/aio-libs/aiohttp/commit/e8d774f635dc6d1cd3174d0e38891da5de0e2b6a
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T14:43:18Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-53643
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-53643
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109336
reference_id 1109336
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109336
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2380000
reference_id 2380000
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2380000
10
reference_url https://github.com/advisories/GHSA-9548-qrrj-x5pj
reference_id GHSA-9548-qrrj-x5pj
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9548-qrrj-x5pj
11
reference_url https://access.redhat.com/errata/RHSA-2025:22759
reference_id RHSA-2025:22759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22759
12
reference_url https://access.redhat.com/errata/RHSA-2025:22939
reference_id RHSA-2025:22939
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22939
13
reference_url https://access.redhat.com/errata/RHSA-2025:22944
reference_id RHSA-2025:22944
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22944
14
reference_url https://access.redhat.com/errata/RHSA-2025:23531
reference_id RHSA-2025:23531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23531
15
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
16
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
17
reference_url https://access.redhat.com/errata/RHSA-2026:2760
reference_id RHSA-2026:2760
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2760
18
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-53643, GHSA-9548-qrrj-x5pj
risk_score 1.6
exploitability 0.5
weighted_severity 3.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k122-7d38-2ug5
9
url VCID-kf4p-q9n9-ayhn
vulnerability_id VCID-kf4p-q9n9-ayhn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22815.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22815.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-22815
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11462
published_at 2026-04-04T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.122
published_at 2026-04-02T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16263
published_at 2026-04-24T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16369
published_at 2026-04-21T12:55:00Z
4
value 0.00052
scoring_system epss
scoring_elements 0.16335
published_at 2026-04-18T12:55:00Z
5
value 0.00052
scoring_system epss
scoring_elements 0.16315
published_at 2026-04-16T12:55:00Z
6
value 0.00052
scoring_system epss
scoring_elements 0.16346
published_at 2026-04-07T12:55:00Z
7
value 0.00052
scoring_system epss
scoring_elements 0.16218
published_at 2026-04-29T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16259
published_at 2026-04-26T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16475
published_at 2026-04-11T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16491
published_at 2026-04-09T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16432
published_at 2026-04-08T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.16375
published_at 2026-04-13T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16436
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-22815
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22815
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22815
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:09:26Z/
url https://github.com/aio-libs/aiohttp/commit/0c2e9da51126238a421568eb7c5b53e5b5d17b36
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:09:26Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:09:26Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-w2fm-2cpv-w7v5
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-22815
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-22815
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454093
reference_id 2454093
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454093
11
reference_url https://github.com/advisories/GHSA-w2fm-2cpv-w7v5
reference_id GHSA-w2fm-2cpv-w7v5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w2fm-2cpv-w7v5
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-22815, GHSA-w2fm-2cpv-w7v5
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kf4p-q9n9-ayhn
10
url VCID-peyu-fxyx-ayde
vulnerability_id VCID-peyu-fxyx-ayde
summary 
AIOHTTP vulnerable to DoS through chunked messages
### Summary

Handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks.

### Impact

If an application makes use of the `request.read()` method in an endpoint, it may be possible for an attacker to cause the server to spend a moderate amount of blocking CPU time (e.g. 1 second) while processing the request. This could potentially lead to DoS as the server would be unable to handle other requests during that time.

-----

Patch: https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712
Patch: https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69229.json
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69229.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69229
reference_id
reference_type
scores
0
value 0.00052
scoring_system epss
scoring_elements 0.16113
published_at 2026-04-29T12:55:00Z
1
value 0.00052
scoring_system epss
scoring_elements 0.16152
published_at 2026-04-26T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16154
published_at 2026-04-24T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16261
published_at 2026-04-21T12:55:00Z
4
value 0.00052
scoring_system epss
scoring_elements 0.16223
published_at 2026-04-18T12:55:00Z
5
value 0.00052
scoring_system epss
scoring_elements 0.16204
published_at 2026-04-16T12:55:00Z
6
value 0.00052
scoring_system epss
scoring_elements 0.16268
published_at 2026-04-13T12:55:00Z
7
value 0.00052
scoring_system epss
scoring_elements 0.16336
published_at 2026-04-12T12:55:00Z
8
value 0.00052
scoring_system epss
scoring_elements 0.16243
published_at 2026-04-07T12:55:00Z
9
value 0.00052
scoring_system epss
scoring_elements 0.16392
published_at 2026-04-09T12:55:00Z
10
value 0.00052
scoring_system epss
scoring_elements 0.16328
published_at 2026-04-08T12:55:00Z
11
value 0.00052
scoring_system epss
scoring_elements 0.16454
published_at 2026-04-04T12:55:00Z
12
value 0.00052
scoring_system epss
scoring_elements 0.16375
published_at 2026-04-11T12:55:00Z
13
value 0.00052
scoring_system epss
scoring_elements 0.16391
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69229
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69229
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69229
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:24:45Z/
url https://github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229
6
reference_url https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:24:45Z/
url https://github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:24:45Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69229
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69229
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427257
reference_id 2427257
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427257
10
reference_url https://github.com/advisories/GHSA-g84x-mcqj-x9qq
reference_id GHSA-g84x-mcqj-x9qq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g84x-mcqj-x9qq
11
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69229, GHSA-g84x-mcqj-x9qq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-peyu-fxyx-ayde
11
url VCID-qrus-4szm-c3bj
vulnerability_id VCID-qrus-4szm-c3bj
summary 
AIOHTTP's unicode processing of header values could cause parsing discrepancies
### Summary
The Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters.

### Impact
If a pure Python version of aiohttp is installed (i.e. without the usual C extensions) or AIOHTTP_NO_EXTENSIONS is enabled, then an attacker may be able to execute a request smuggling attack to bypass certain firewalls or proxy protections.

------

Patch: https://github.com/aio-libs/aiohttp/commit/32677f2adfd907420c078dda6b79225c6f4ebce0
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69224.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69224.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69224
reference_id
reference_type
scores
0
value 0.00043
scoring_system epss
scoring_elements 0.13124
published_at 2026-04-29T12:55:00Z
1
value 0.00043
scoring_system epss
scoring_elements 0.13228
published_at 2026-04-26T12:55:00Z
2
value 0.00043
scoring_system epss
scoring_elements 0.13256
published_at 2026-04-24T12:55:00Z
3
value 0.00043
scoring_system epss
scoring_elements 0.13251
published_at 2026-04-21T12:55:00Z
4
value 0.00043
scoring_system epss
scoring_elements 0.13164
published_at 2026-04-18T12:55:00Z
5
value 0.00043
scoring_system epss
scoring_elements 0.13165
published_at 2026-04-16T12:55:00Z
6
value 0.00043
scoring_system epss
scoring_elements 0.13259
published_at 2026-04-13T12:55:00Z
7
value 0.00043
scoring_system epss
scoring_elements 0.13308
published_at 2026-04-12T12:55:00Z
8
value 0.00043
scoring_system epss
scoring_elements 0.13243
published_at 2026-04-07T12:55:00Z
9
value 0.00043
scoring_system epss
scoring_elements 0.13325
published_at 2026-04-08T12:55:00Z
10
value 0.00043
scoring_system epss
scoring_elements 0.13447
published_at 2026-04-04T12:55:00Z
11
value 0.00043
scoring_system epss
scoring_elements 0.13383
published_at 2026-04-02T12:55:00Z
12
value 0.00043
scoring_system epss
scoring_elements 0.13346
published_at 2026-04-11T12:55:00Z
13
value 0.00043
scoring_system epss
scoring_elements 0.13376
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69224
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69224
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69224
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/32677f2adfd907420c078dda6b79225c6f4ebce0
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:43Z/
url https://github.com/aio-libs/aiohttp/commit/32677f2adfd907420c078dda6b79225c6f4ebce0
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-69f9-5gxw-wvc2
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:43Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-69f9-5gxw-wvc2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69224
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69224
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427246
reference_id 2427246
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427246
9
reference_url https://github.com/advisories/GHSA-69f9-5gxw-wvc2
reference_id GHSA-69f9-5gxw-wvc2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-69f9-5gxw-wvc2
10
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69224, GHSA-69f9-5gxw-wvc2
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrus-4szm-c3bj
12
url VCID-qt9z-6kwe-wbht
vulnerability_id VCID-qt9z-6kwe-wbht
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34514.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34514.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34514
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.1165
published_at 2026-04-29T12:55:00Z
1
value 0.00039
scoring_system epss
scoring_elements 0.11693
published_at 2026-04-18T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11694
published_at 2026-04-16T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11732
published_at 2026-04-26T12:55:00Z
4
value 0.00039
scoring_system epss
scoring_elements 0.11778
published_at 2026-04-24T12:55:00Z
5
value 0.00039
scoring_system epss
scoring_elements 0.1181
published_at 2026-04-21T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.13732
published_at 2026-04-02T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.13791
published_at 2026-04-04T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18323
published_at 2026-04-13T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.18287
published_at 2026-04-07T12:55:00Z
10
value 0.00059
scoring_system epss
scoring_elements 0.18375
published_at 2026-04-12T12:55:00Z
11
value 0.00059
scoring_system epss
scoring_elements 0.18423
published_at 2026-04-09T12:55:00Z
12
value 0.00059
scoring_system epss
scoring_elements 0.1837
published_at 2026-04-08T12:55:00Z
13
value 0.00059
scoring_system epss
scoring_elements 0.18422
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34514
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34514
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34514
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:07:10Z/
url https://github.com/aio-libs/aiohttp/commit/9a6ada97e2c6cf1ce31727c6c9fcea17c21f6f06
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:07:10Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-02T14:07:10Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-2vrm-gr82-f7m5
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34514
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34514
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454102
reference_id 2454102
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454102
11
reference_url https://github.com/advisories/GHSA-2vrm-gr82-f7m5
reference_id GHSA-2vrm-gr82-f7m5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2vrm-gr82-f7m5
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34514, GHSA-2vrm-gr82-f7m5
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qt9z-6kwe-wbht
13
url VCID-sjws-ddnq-fke2
vulnerability_id VCID-sjws-ddnq-fke2
summary 
AIOHTTP's HTTP Parser auto_decompress feature is vulnerable to zip bomb
### Summary
A zip bomb can be used to execute a DoS against the aiohttp server.

### Impact
An attacker may be able to send a compressed request that when decompressed by aiohttp could exhaust the host's memory.

------

Patch: https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69223.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69223.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69223
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.1943
published_at 2026-04-29T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19467
published_at 2026-04-26T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19479
published_at 2026-04-24T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19584
published_at 2026-04-21T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19572
published_at 2026-04-18T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19565
published_at 2026-04-16T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19637
published_at 2026-04-08T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19835
published_at 2026-04-04T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19557
published_at 2026-04-07T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19689
published_at 2026-04-09T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19587
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19782
published_at 2026-04-02T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19646
published_at 2026-04-12T12:55:00Z
13
value 0.00063
scoring_system epss
scoring_elements 0.19695
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69223
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69223
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69223
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:26:17Z/
url https://github.com/aio-libs/aiohttp/commit/2b920c39002cee0ec5b402581779bbaaf7c9138a
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:26:17Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-6mq8-rvhq-8wgg
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69223
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69223
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427456
reference_id 2427456
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427456
9
reference_url https://github.com/advisories/GHSA-6mq8-rvhq-8wgg
reference_id GHSA-6mq8-rvhq-8wgg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6mq8-rvhq-8wgg
10
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
11
reference_url https://access.redhat.com/errata/RHSA-2026:1249
reference_id RHSA-2026:1249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1249
12
reference_url https://access.redhat.com/errata/RHSA-2026:1497
reference_id RHSA-2026:1497
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1497
13
reference_url https://access.redhat.com/errata/RHSA-2026:1506
reference_id RHSA-2026:1506
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1506
14
reference_url https://access.redhat.com/errata/RHSA-2026:1596
reference_id RHSA-2026:1596
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1596
15
reference_url https://access.redhat.com/errata/RHSA-2026:1599
reference_id RHSA-2026:1599
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1599
16
reference_url https://access.redhat.com/errata/RHSA-2026:1609
reference_id RHSA-2026:1609
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1609
17
reference_url https://access.redhat.com/errata/RHSA-2026:2106
reference_id RHSA-2026:2106
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2106
18
reference_url https://access.redhat.com/errata/RHSA-2026:2695
reference_id RHSA-2026:2695
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:2695
19
reference_url https://access.redhat.com/errata/RHSA-2026:3461
reference_id RHSA-2026:3461
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3461
20
reference_url https://access.redhat.com/errata/RHSA-2026:3462
reference_id RHSA-2026:3462
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3462
21
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
22
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
23
reference_url https://access.redhat.com/errata/RHSA-2026:3958
reference_id RHSA-2026:3958
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3958
24
reference_url https://access.redhat.com/errata/RHSA-2026:3959
reference_id RHSA-2026:3959
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3959
25
reference_url https://access.redhat.com/errata/RHSA-2026:3960
reference_id RHSA-2026:3960
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3960
26
reference_url https://access.redhat.com/errata/RHSA-2026:6308
reference_id RHSA-2026:6308
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6308
27
reference_url https://access.redhat.com/errata/RHSA-2026:6309
reference_id RHSA-2026:6309
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6309
28
reference_url https://access.redhat.com/errata/RHSA-2026:6404
reference_id RHSA-2026:6404
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6404
29
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69223, GHSA-6mq8-rvhq-8wgg
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjws-ddnq-fke2
14
url VCID-t9gx-etxx-vkgb
vulnerability_id VCID-t9gx-etxx-vkgb
summary 
AIOHTTP vulnerable to DoS when bypassing asserts
### Summary
When assert statements are bypassed, an infinite loop can occur, resulting in a DoS attack when processing a POST body.

### Impact
If optimisations are enabled (`-O` or `PYTHONOPTIMIZE=1`), and the application includes a handler that uses the `Request.post()` method, then an attacker may be able to execute a DoS attack with a specially crafted message.

------

Patch: https://github.com/aio-libs/aiohttp/commit/bc1319ec3cbff9438a758951a30907b072561259
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69227.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69227.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69227
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.1943
published_at 2026-04-29T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19467
published_at 2026-04-26T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19479
published_at 2026-04-24T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19584
published_at 2026-04-21T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19572
published_at 2026-04-18T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19565
published_at 2026-04-16T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19637
published_at 2026-04-08T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19835
published_at 2026-04-04T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19557
published_at 2026-04-07T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19689
published_at 2026-04-09T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19587
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19782
published_at 2026-04-02T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19646
published_at 2026-04-12T12:55:00Z
13
value 0.00063
scoring_system epss
scoring_elements 0.19695
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69227
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69227
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69227
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/bc1319ec3cbff9438a758951a30907b072561259
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:12Z/
url https://github.com/aio-libs/aiohttp/commit/bc1319ec3cbff9438a758951a30907b072561259
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jj3x-wxrx-4x23
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:12Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-jj3x-wxrx-4x23
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69227
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69227
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427256
reference_id 2427256
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427256
9
reference_url https://github.com/advisories/GHSA-jj3x-wxrx-4x23
reference_id GHSA-jj3x-wxrx-4x23
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jj3x-wxrx-4x23
10
reference_url https://access.redhat.com/errata/RHSA-2026:10184
reference_id RHSA-2026:10184
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:10184
11
reference_url https://access.redhat.com/errata/RHSA-2026:3782
reference_id RHSA-2026:3782
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3782
12
reference_url https://access.redhat.com/errata/RHSA-2026:5809
reference_id RHSA-2026:5809
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5809
13
reference_url https://access.redhat.com/errata/RHSA-2026:6761
reference_id RHSA-2026:6761
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6761
14
reference_url https://access.redhat.com/errata/RHSA-2026:6762
reference_id RHSA-2026:6762
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:6762
15
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69227, GHSA-jj3x-wxrx-4x23
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t9gx-etxx-vkgb
15
url VCID-tmjw-8cdt-7yf7
vulnerability_id VCID-tmjw-8cdt-7yf7
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34520.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34520.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-34520
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13027
published_at 2026-04-04T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13732
published_at 2026-04-02T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17325
published_at 2026-04-07T12:55:00Z
3
value 0.00055
scoring_system epss
scoring_elements 0.17329
published_at 2026-04-16T12:55:00Z
4
value 0.00055
scoring_system epss
scoring_elements 0.17387
published_at 2026-04-13T12:55:00Z
5
value 0.00055
scoring_system epss
scoring_elements 0.17441
published_at 2026-04-12T12:55:00Z
6
value 0.00055
scoring_system epss
scoring_elements 0.17488
published_at 2026-04-11T12:55:00Z
7
value 0.00055
scoring_system epss
scoring_elements 0.17476
published_at 2026-04-09T12:55:00Z
8
value 0.00055
scoring_system epss
scoring_elements 0.17416
published_at 2026-04-08T12:55:00Z
9
value 0.00057
scoring_system epss
scoring_elements 0.17799
published_at 2026-04-29T12:55:00Z
10
value 0.00057
scoring_system epss
scoring_elements 0.17948
published_at 2026-04-21T12:55:00Z
11
value 0.00057
scoring_system epss
scoring_elements 0.17912
published_at 2026-04-18T12:55:00Z
12
value 0.00057
scoring_system epss
scoring_elements 0.17836
published_at 2026-04-26T12:55:00Z
13
value 0.00057
scoring_system epss
scoring_elements 0.17858
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-34520
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34520
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:13:19Z/
url https://github.com/aio-libs/aiohttp/commit/9370b9714a7a56003cacd31a9b4ae16eab109ba4
6
reference_url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:13:19Z/
url https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4
7
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value LOW
scoring_system cvssv3.1_qr
scoring_elements
2
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-04T03:13:19Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-63hf-3vf5-4wqf
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-34520
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-34520
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
reference_id 1132582
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132582
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2454094
reference_id 2454094
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2454094
11
reference_url https://github.com/advisories/GHSA-63hf-3vf5-4wqf
reference_id GHSA-63hf-3vf5-4wqf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-63hf-3vf5-4wqf
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.5-1
purl pkg:deb/debian/python-aiohttp@3.13.5-1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.5-1
aliases CVE-2026-34520, GHSA-63hf-3vf5-4wqf
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmjw-8cdt-7yf7
16
url VCID-vqvz-jfqh-jkaz
vulnerability_id VCID-vqvz-jfqh-jkaz
summary 
AIOHTTP vulnerable to brute-force leak of internal static file path components
### Summary
Path normalization for static files prevents path traversal, but opens up the ability for an attacker to ascertain the
existence of absolute path components.

### Impact
If an application uses `web.static()` (not recommended for production deployments), it may be possible for an attacker to ascertain the existence of path components.

------

Patch: https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69226.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69226.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69226
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19575
published_at 2026-04-29T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.19611
published_at 2026-04-26T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19625
published_at 2026-04-24T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.1973
published_at 2026-04-21T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19718
published_at 2026-04-18T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19716
published_at 2026-04-16T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19982
published_at 2026-04-04T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.1984
published_at 2026-04-09T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19788
published_at 2026-04-08T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19708
published_at 2026-04-07T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19741
published_at 2026-04-13T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19927
published_at 2026-04-02T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19798
published_at 2026-04-12T12:55:00Z
13
value 0.00063
scoring_system epss
scoring_elements 0.19843
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69226
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69226
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69226
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:35Z/
url https://github.com/aio-libs/aiohttp/commit/f2a86fd5ac0383000d1715afddfa704413f0711e
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-54jq-c3m8-4m76
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
2
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
3
value LOW
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:25:35Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-54jq-c3m8-4m76
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69226
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69226
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427245
reference_id 2427245
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427245
9
reference_url https://github.com/advisories/GHSA-54jq-c3m8-4m76
reference_id GHSA-54jq-c3m8-4m76
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-54jq-c3m8-4m76
10
reference_url https://usn.ubuntu.com/8032-1/
reference_id USN-8032-1
reference_type
scores
url https://usn.ubuntu.com/8032-1/
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69226, GHSA-54jq-c3m8-4m76
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vqvz-jfqh-jkaz
17
url VCID-zm3a-mf2z-xfcm
vulnerability_id VCID-zm3a-mf2z-xfcm
summary 
AIOHTTP Vulnerable to Cookie Parser Warning Storm
### Summary
Reading multiple invalid cookies can lead to a logging storm.

### Impact
If the ``cookies`` attribute is accessed in an application, then an attacker may be able to trigger a storm of warning-level logs using a specially crafted Cookie header.

----

Patch: https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69230.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69230.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-69230
reference_id
reference_type
scores
0
value 0.00014
scoring_system epss
scoring_elements 0.02675
published_at 2026-04-29T12:55:00Z
1
value 0.00014
scoring_system epss
scoring_elements 0.02618
published_at 2026-04-26T12:55:00Z
2
value 0.00014
scoring_system epss
scoring_elements 0.02629
published_at 2026-04-24T12:55:00Z
3
value 0.00014
scoring_system epss
scoring_elements 0.02641
published_at 2026-04-21T12:55:00Z
4
value 0.00014
scoring_system epss
scoring_elements 0.02533
published_at 2026-04-18T12:55:00Z
5
value 0.00014
scoring_system epss
scoring_elements 0.02528
published_at 2026-04-16T12:55:00Z
6
value 0.00014
scoring_system epss
scoring_elements 0.02546
published_at 2026-04-07T12:55:00Z
7
value 0.00014
scoring_system epss
scoring_elements 0.02572
published_at 2026-04-09T12:55:00Z
8
value 0.00014
scoring_system epss
scoring_elements 0.02543
published_at 2026-04-12T12:55:00Z
9
value 0.00014
scoring_system epss
scoring_elements 0.02551
published_at 2026-04-08T12:55:00Z
10
value 0.00014
scoring_system epss
scoring_elements 0.02541
published_at 2026-04-13T12:55:00Z
11
value 0.00014
scoring_system epss
scoring_elements 0.02529
published_at 2026-04-02T12:55:00Z
12
value 0.00014
scoring_system epss
scoring_elements 0.02554
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-69230
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69230
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69230
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/aio-libs/aiohttp
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/aio-libs/aiohttp
5
reference_url https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:24:37Z/
url https://github.com/aio-libs/aiohttp/commit/64629a0834f94e46d9881f4e99c41a137e1f3326
6
reference_url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g
reference_id
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-01-06T14:24:37Z/
url https://github.com/aio-libs/aiohttp/security/advisories/GHSA-fh55-r93g-j68g
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-69230
reference_id
reference_type
scores
0
value 2.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:U
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-69230
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2427255
reference_id 2427255
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2427255
9
reference_url https://github.com/advisories/GHSA-fh55-r93g-j68g
reference_id GHSA-fh55-r93g-j68g
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh55-r93g-j68g
fixed_packages
0
url pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
purl pkg:deb/debian/python-aiohttp@3.11.16-1%2Bdeb13u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1
1
url pkg:deb/debian/python-aiohttp@3.13.3-3
purl pkg:deb/debian/python-aiohttp@3.13.3-3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-19q4-vzzb-8uca
1
vulnerability VCID-5f1f-mrwv-zucz
2
vulnerability VCID-cg9h-fysf-xygf
3
vulnerability VCID-drqp-x9gc-2qd3
4
vulnerability VCID-g4rj-1kzy-pkft
5
vulnerability VCID-hyh4-58xy-xfge
6
vulnerability VCID-kf4p-q9n9-ayhn
7
vulnerability VCID-qt9z-6kwe-wbht
8
vulnerability VCID-tmjw-8cdt-7yf7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.13.3-3
aliases CVE-2025-69230, GHSA-fh55-r93g-j68g
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zm3a-mf2z-xfcm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/python-aiohttp@3.11.16-1%252Bdeb13u1