Withdrawn: Denial of Service in aiohttp

GHSA-rwqr-c348-m5wr · CVE-2022-33124

Published Jun 24, 2022 · Modified Jun 10, 2026

Description

Withdrawn

This advisory has been withdrawn because the maintainers of aiohttp and multiple third parties disputed the validity of the issue. There is not sufficient evidence for the claims in the original report.

Original Description

aiohttp v3.8.1 was discovered to contain an invalid IPv6 URL which can lead to a Denial of Service (DoS).

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2022-33124
WEB https://github.com/aio-libs/aiohttp/issues/6772
PACKAGE https://github.com/aio-libs/aiohttp
WEB https://github.com/pypa/advisory-database/tree/main/vulns/aiohttp/PYSEC-2022-43059.yaml

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes