Security Advisory

CVE-2025-69225

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-05 23:16:19

Last updated 2026-01-06 19:02:59

Assigner GitHub_M

State PUBLISHED

Description

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below contain parser logic which allows non-ASCII decimals to be present in the Range header. There is no known impact, but there is the possibility that theres a method to exploit a request smuggling vulnerability. This issue is fixed in version 3.13.3.

← Browse all CVEs View on cve.org ↗