Workflow

Aiohttp

Latest version: v3.13.3

The latest version of aiohttp with no known security vulnerabilities is 3.13.3. We recommend installing version 3.13.3.

The information on this page was curated by experts in our Cybersecurity Intelligence Team.

Latest release
v3.13.3 at Jan. 3, 2026
License
Apache-2.0 (Apache License 2.0)

Description

Async http client/server framework (asyncio)

Resources

Vulnerabilities (26)

See all vulnerabilities
CVE-2024-52303
Affected versions:

>=3.10.6rc0,<3.10.11 | >=3.11.0b0,<3.11.0

Affected versions of aiohttp are vulnerable to Middleware Cach…
CVE-2023-49081
Affected versions:

>=2.0.0rc1,<3.9.0 | >=4.0.0a0,<=4.0.0a1

Affected versions of the `aiohttp` package are vulnerable to I…
CVE-2024-27306
Affected versions:

>=1.0.0,<3.9.4 | >=4.0.0a0,<=4.0.0a1

Affected versions of the `aiohttp` package are vulnerable to C…
CVE-2024-30251
Affected versions:

<3.9.4

Affected versions of `aiohttp` are vulnerable to an infinite l…
CVE-2024-23829
Affected versions:

<3.9.1

The aiohttp versions minor than 3.9. has a vulnerability that …
CVE-2023-49082
Affected versions:

<3.9.0

Affected versions of `aiohttp` are vulnerable to an Improper V…

Versions (306)

See all versions

Has known vulnerabilities

  • 4.0.0a1
  • 4.0.0a0
  • 3.13.3
  • 3.13.2
  • 3.13.1
  • 3.13.0
  • 3.12.15
  • 3.12.14
  • 3.12.13
  • 3.12.12
  • 3.12.11
  • 3.12.10
  • 3.12.9
  • 3.12.8
  • 3.12.7
  • 3.12.7rc0
  • 3.12.6
  • 3.12.4
  • 3.12.3
  • 3.12.2