CVE-2025-69229: AIOHTTP vulnerable to DoS through chunked messages
(updated )
Handling of chunked messages can result in excessive blocking CPU usage when receiving a large number of chunks.
References
- github.com/advisories/GHSA-g84x-mcqj-x9qq
- github.com/aio-libs/aiohttp
- github.com/aio-libs/aiohttp/commit/4ed97a4e46eaf61bd0f05063245f613469700229
- github.com/aio-libs/aiohttp/commit/dc3170b56904bdf814228fae70a5501a42a6c712
- github.com/aio-libs/aiohttp/security/advisories/GHSA-g84x-mcqj-x9qq
- nvd.nist.gov/vuln/detail/CVE-2025-69229
Code Behaviors & Features
Detect and mitigate CVE-2025-69229 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →