Sign In

CVE-2026-54274

ADVISORY - github

Summary

Summary

If an attacker sends large incomplete websocket frame payloads, it may be possible to bypass the usual size limits on memory use.

Impact

If a web application has WebSocket endpoints, it may be possible for an attacker to execute a DoS attack through excessive memory use.

Patch: https://github.com/aio-libs/aiohttp/commit/14b6ee851fb16ec199acb950de0c82d476799e7d

EPSS Score: 0.00024 (0.072)

Common Weakness Enumeration (CWE)

ADVISORY - github

CWE-770

Allocation of Resources Without Limits or Throttling

Impacted images

Advisories
Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.

Sign in