Wind River Support Network

HomeDefectsLIN1025-8818
Fixed

LIN1025-8818 : Security Advisory - python3-aiohttp - CVE-2026-34520

Created: Apr 2, 2026    Updated: May 10, 2026
Resolved Date: May 7, 2026
Found In Version: 10.25.33.2
Fix Version: 10.25.33.9
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Userspace

Description

AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.13.4, the C parser (the default for most installs) accepted null bytes and control characters in response headers. This issue has been patched in version 3.13.4.

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube