aiohttp
Security Risk Profile
Security Risk Score
Comprehensive risk assessment based on 36 vulnerabilities, EPSS scores, exploitation status, and remediation availability.
📅 Data spans from February 26, 2021 to present
Threat Assessment
Severity Distribution
Exploit Likelihood
Age Distribution
Common Weaknesses (CWE)
Most Affected Products
Recent Vulnerabilities
See more →AIOHTTP: Duplicate Host header accepted
AIOHTTP: C parser (llhttp) accepts null bytes and control characters in response header values - header injection / security bypass
AIOHTTP: HTTP response splitting via \r in reason phrase
AIOHTTP: Cookie and Proxy-Authorization headers leaked on cross-origin redirect
AIOHTTP: Late size enforcement for non-file multipart fields causes memory DoS
AIOHTTP: Multipart Header Size Bypass
AIOHTTP: UNC SSRF/NTLMv2 Credential Theft/Local File Read in static resource handler on Windows
AIOHTTP: CRLF injection in multipart part content type header construction
AIOHTTP: Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector
AIOHTTP: Uncapped memory usage possible through aiohttp allowing unlimited trailer headers
Monitor aiohttp in Real-Time
Get instant alerts when new vulnerabilities are discovered. Stay ahead of security threats with SecAlerts.