rpm package
opensuse/python3-Twisted&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/python3-Twisted&distro=openSUSE%20Leap%2015.5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-41810 | — | < 22.2.0-150400.21.1 | 22.2.0-150400.21.1 | Jul 29, 2024 | Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflecte | ||
| CVE-2024-41671 | Hig | 8.3 | < 22.2.0-150400.21.1 | 22.2.0-150400.21.1 | Jul 29, 2024 | Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1. | |
| CVE-2023-46137 | — | < 22.2.0-150400.15.1 | 22.2.0-150400.15.1 | Oct 25, 2023 | Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled b |
- CVE-2024-41810Jul 29, 2024affected < 22.2.0-150400.21.1fixed 22.2.0-150400.21.1
Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflecte
- affected < 22.2.0-150400.21.1fixed 22.2.0-150400.21.1
Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1.
- CVE-2023-46137Oct 25, 2023affected < 22.2.0-150400.15.1fixed 22.2.0-150400.15.1
Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled b