AIOHTTP logo with a Python-themed background, representing the affected asynchronous HTTP framework.

🚨 CVE of the Day: CVE-2025-69228

A memory exhaustion flaw in AIOHTTP lets attackers freeze Python async servers by abusing Request.post. A single crafted request can exhaust memory and cause a denial of service

🔍 Our report:
basefortify.eu/cve_reports/...

#CVE #Python #AIOHTTP #DoS #CyberSecurity

Анализируем MLP сообщество на Пикабу или как я спарсил 65 тысяч постов с Pikabu и построил интерактивный дашборд ...

#python #парсинг #data #analysis #streamlit #дэшборд #пикабу #aiohttp #визуализация #данных #пет-проект

Origin | Interest | Match

The #python library #aiohttp uses #yarl for URLs internally, and yarl normalizes URLs by default. It silently decodes some %-encoded characters in the query string that do not strictly need to be encoded.

Sounds harmless, but it isn't. Changing the URL breaks any protocol that signs important […]

#python #asyncio #aio-libs #aiohttp

Found the issue with #python #aiohttp. The issue is that I used the client to call the app, but did not collected the data. I setup a cluster of servers wrote a get function that collected the results from all of them, but only pulled the data for the first one. Not 100% sure, but got it working.

The #python #aiohttp is not working as expected. I keep getting a socket left open even though the ClientSession has been closed. The instigator for the error seems to be transferring the results from one class to another, or using one result when several are collected.

Release 3.12.4 · aio-libs/aiohttp Bug fixes Fixed connector not waiting for connections to close before returning from :meth:~aiohttp.BaseConnector.close (partial backport of :pr:3733) -- by :user:atemate and :user:bdraco. Relate...

🚀 aiohttp 3.12.4 is out! 🐛 Bug fix: connector now properly waits for connections to close before returning from close(). Thanks to github.com/atemate! #aiohttp #python

github.com/aio-libs/aio...

Release 3.12.2 · aio-libs/aiohttp Bug fixes Fixed Content-Length header not being set to 0 for non-GET requests with None body -- by :user:bdraco. Non-GET requests (POST, PUT, PATCH, DELETE) with None as the body now correctly se...

aiohttp 3.12.2 is out! Fixes Content-Length header regression for non-GET requests with None body. Now correctly sets to 0. #python #aiohttp

github.com/aio-libs/aio...

#Python #aiohttp #aiohttp

#Python #aiohttp #aiohttp

@bdraco.org made the #PyConUS sprint beyond productive!

#aio-libs #aiohttp #Python #PyConUS2025

@webknjaz, @sirosen, @achimnol, @bdraco and @devanshu-ziphq

Had a great time hacking on @aiohttp.org (@bdraco.org and @webknjaz.me).

Got a few new contributors and sirosen lurking in, as well as achimnol the aiosignal maintainer.

Looking forward to gathering again tomorrow!

us.pycon.org/2025/events/...

#aio-libs #aiohttp #Python #PyConUS

#Python #asyncio #aiohttp

Thanks to months of consistent contributions by
lysnikolaou of @quansight.com (Lysandros Nikolaou), all of the mandatory dependencies of #aiohttp now ship free-threaded variants of #wheels!

This unlocks the same in aiohttp!

Find a minute to thank him, will you?

#aio-libs #Python #Packaging

multidict v6.2.0 is out.

The most prominent update in that it started shipping free-threaded wheels.

multidict.aio-libs.org/en/stable/ch...

#Python #aio-libs #asyncio #aiohttp

#python #aiohttp #asyncio

A plane wing visible from a plane window.

Sam Bull (left) and @webknjaz at the end of the sprint day.

@tiangolo pitching the project.

Man Group office entrance.

✈️ Going home following the #aiohttp #sprint at Man Group hackathon. Got to see two other active maintainers IRL 🎉, and maintainers of other wonderful projects (👋 @tiangolo @jarekpotiuk).

Met many outstanding contributors and had fun exploring rabbit holes!

Tnx, Man!

#python

Selfie of @webknjaz.me on the train, in Red Hat fedora, with a suitcase having an Ansible logo.

Off to Man Group hackathon in London to lead an #aiohttp sprint day with two other maintainers (Nick Koston nand Sam Bull).

Looking forward to seeing a bunch of folks I haven't seen in a while (👋 tiangolo and Jarek Potiuk).

#python #opensource

Sponsor @webknjaz on GitHub Sponsors Support @webknjaz’s open source work!

🎉 PSA: Yesterday I published a pre-release of #aiohttp 3.9.4rc0 fixing attaching exception causes across the framework.

This is going to expand tracebacks due to causation chain.

github.com/aio-libs/aio...

$ python3.12 -Im pip install aiohttp==3.9.4rc0

🐍 #python

github.com/sponsors/web...

🎉 PSA: Yesterday I released multidict 6.0.5 (dependency of #aiohttp) shipping wheels for Python 3.12 and addressing SEGFAULTs.

github.com/aio-libs/mul...

$ python3.12 -Im pip install --upgrade multidict

🐍 #python

github.com/sponsors/web...

🎉 And another bugfix release #aiohttp v3.9.3 is out now!

Go do the thing!

$ python3.12 -Im pip install --upgrade aiohttp

pypi.org/p/aiohttp

🙌 Please, thank Sam for doing the release management and maintenance! github.com/sponsors/Dre...

🐍 #python

I just posted a blog on how to access vCenter Inventory using async Python. Enjoy!

#vCenter #Inventory #cmdb #python #aiohttp

blogs.vmware.com/code/2023/12...

🎉 And today, I finally got to release `frozenlist` v1.4.1 that features Python 3.12 wheels and a big packaging revamp! Following a similar `yarl` release.

$ python3.12 -Im pip install -U frozenlist yarl

📦 Happy w/ new packaging! github.com/sponsors/web...
Up next: multidict

🐍 #python #aiohttp

Sponsor @Dreamsorcerer on GitHub Sponsors Support Dreamsorcerer's open source work

🎉 So a new stable #aiohttp v3.9.0 just got released and I wasn't involved as much as usual... It ships wheels for Python 3.12 — one of the most asked things.

🙌 Please, thank Sam for the tremendous effort of getting it across the finish line! https://github.com/sponsors/Dreamsorcerer

🐍 #python

Tutoriel #python #asyncio et #aiohttp à la @pyconfr avec @GMLudo A vos async/await et à vos event loops 2016.pycon.fr/pages/programme.html