Ecosyste.ms: Packages

An open API service providing package, version and dependency metadata of many open source software ecosystems and registries.

Top 0.2% on pypi.org
Top 0.1% downloads on pypi.org
Top 0.1% dependent packages on pypi.org
Top 0.1% dependent repos on pypi.org
Top 0.6% forks on pypi.org
Top 0.1% docker downloads on pypi.org

pypi.org : aiohttp

Async http client/server framework (asyncio)

Registry - Source - Documentation - JSON
purl: pkg:pypi/aiohttp
Keywords: aiohttp, async, asyncio, hacktoberfest, http, http-client, http-server, python
License: Apache-2.0
Latest release: about 1 month ago
First release: over 10 years ago
Dependent packages: 5,267
Dependent repositories: 66,431
Downloads: 113,037,118 last month
Stars: 14,254 on GitHub
Forks: 1,993 on GitHub
Docker dependents: 7,069
Docker downloads: 2,314,346,245
Total Commits: 8438
Committers: 721
Average commits per author: 11.703
Development Distribution Score (DDS): 0.548
More commit stats: commits.ecosyste.ms
See more repository details: repos.ecosyste.ms
Funding links: https://github.com/sponsors/asvetlov, https://github.com/sponsors/webknjaz, https://github.com/sponsors/Dreamsorcerer
Last synced: about 21 hours ago

Moderate
GSA_kwCzR0hTQS03Z3B3LTh3bWMtcG04Z84AA7Ls
aiohttp Cross-site Scripting vulnerability on index pages for static file handling
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 30 days ago
Moderate
GSA_kwCzR0hTQS01aDg2LThtdjItanE5Zs4AA47u
aiohttp is vulnerable to directory traversal
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 4 months ago
High
GSA_kwCzR0hTQS1xM3F4LWM2ZzItN3B3Ms4AA3Yd
aiohttp's ClientSession is vulnerable to CRLF injection via version
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1nZncyLTRqdmgtd2dmZ84AA3K1
AIOHTTP has problems in HTTP parser (the python one, not llhttp)
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 6 months ago
Low
GSA_kwCzR0hTQS14eDlwLXh4dmgtN2c4as4AA3Hw
Aiohttp has inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` differing in C and Python fallbacks
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS04cXB3LXhxeGotaDRyMs4AA47q
aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 4 months ago
Moderate
GSA_kwCzR0hTQS1yd3FyLWMzNDgtbTV3cs4AAs7f
Withdrawn: Denial of Service in aiohttp
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: almost 2 years ago
Withdrawn: almost 2 years ago
High
GSA_kwCzR0hTQS01bTk4LXFnZzktd2g4NM4AA7vP
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 15 days ago
Low
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2d3AtNG02Zi1nY2pn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware)
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: about 3 years ago
Moderate
GSA_kwCzR0hTQS00NWM0LTh3eDUtcXc2d84AA00K
aiohttp.web.Application vulnerable to HTTP request smuggling via llhttp HTTP request parser
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 10 months ago
Moderate
GSA_kwCzR0hTQS1xdnJ3LXY5cnYtNXJqeM4AA3Yc
aiohttp's ClientSession is vulnerable to CRLF injection via method
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 6 months ago
Moderate
GSA_kwCzR0hTQS1wamp3LXFoZzgtcDJwOc4AA3Yb
aiohttp has vulnerable dependency that is vulnerable to request smuggling
Ecosystems: pypi
Packages: aiohttp
Source: github
Published: 6 months ago