Medium5.9Red Hat Linux Updated
Denial of Service via excessive pipelined requests
CVE-2026-54273 Published Jun 22, 2026Updated by vendor Jun 22, 2026
Affected products & platforms
Red Hat LinuxUnclassified
Summary
Denial of Service via excessive pipelined requests. Red Hat rates this moderate (CVSS 5.9). Weakness: CWE-770.
Affected versions
- < 3.14.1
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
Recommended fix / mitigation
- Update the aiohttp package to version 3.14.1 or later. Until updated builds are available for a given product, reduce exposure by not exposing aiohttp-based HTTP/1 servers directly to untrusted networks. A reverse proxy in front of the service can help limit abusive pipelined request patterns. Installations that use aiohttp only as an HTTP client, or that do not accept HTTP/1 pipelined requests on an aiohttp server, are not affected by this flaw.
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.