2026-01-05 22:00:17
GitHub_M
PUBLISHED
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below allow a zip bomb to be used to execute a DoS against the AIOHTTP server. An attacker may be able to send a compressed request that when decompressed by AIOHTTP could exhaust the hosts memory. This issue is fixed in version 3.13.3.