PT-2026-1357 · Aiohttp+2

Published: 2026-01-05 · Updated: 2026-04-20 · CVE-2025-69230

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

AIOHTTP versions 3.13.2 and below

Description

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Accessing the cookies attribute in an application with versions 3.13.2 and below can lead to a logging storm when processing multiple invalid cookies. An attacker may be able to trigger a large number of warning-level logs by using a specially crafted Cookie header.

Recommendations

Update AIOHTTP to version 3.13.3 or later.

Exploit

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2026-07360
CVE-2025-69230
ECHO-EBE2-E1B5-8DBB
GHSA-FH55-R93G-J68G
OPENSUSE-SU-2026:10025-1

Affected Products

Aiohttp
Debian
Red Os