You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
aiohttp
About this tag
The aiohttp tag on WindowsForum.com covers discussions about the Python async HTTP framework, including security vulnerabilities and updates. A recent thread highlights a critical denial-of-service vulnerability, CVE-2024-30251, which allows an unauthenticated attacker to crash aiohttp applications via a crafted multipart POST request. The fix is available in aiohttp 3.9.4. This tag is relevant for developers and IT professionals using aiohttp in Python web services, particularly those concerned with availability and patching.
A critical denial‑of‑service vulnerability in the widely used Python HTTP framework aiohttp lets a remote, unauthenticated attacker stop an application from serving requests by sending a single specially crafted multipart/form-data POST. The flaw — tracked as CVE‑2024‑30251 and fixed in aiohttp...