CVE-2026-34513

EPSS 0.06%
Veröffentlicht 01.04.2026 20:06:13
Zuletzt bearbeitet 15.04.2026 14:16:06
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

AIOHTTP: Denial of Service (DoS) via Unbounded DNS Cache in TCPConnector

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, an unbounded DNS cache could result in excessive memory usage possibly resulting in a DoS situation. This issue has been patched in version 3.13.4.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Aiohttp ≫ Aiohttp Version < 3.13.4

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.176

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security-advisories@github.com	2.7	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://github.com/aio-libs/aiohttp/releases/tag/v3.13.4

Release Notes

https://github.com/aio-libs/aiohttp/security/advisories/GHSA-hcc4-c3v8-rx92

Patch

Vendor Advisory

https://github.com/aio-libs/aiohttp/commit/c4d77c3533122be353b8afca8e8675e3b4cbda98

Patch

https://nvd.nist.gov/vuln/detail/CVE-2026-34513

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-34513

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-34513

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-34513