python · aiohttpHeads-up
aiohttp: Unbounded Pipelined Request Queue Leading to DoS
No limit was present on the number of pipelined requests that could be queued, potentially leading to excessive memory usage and DoS.
What changed
No limit was present on the number of pipelined requests that could be queued, potentially leading to excessive memory usage and DoS.
Who it affects
Users of aiohttp who accept pipelined requests.
What to do today
Apply the patch from commit dfdfa9d5aad5d21f91c79fb2ceeba0f8046cb6cf to limit pipelined requests.
The trail
Collected→
Audited→
Written→
Published