VYPR

rpm package

suse/python3-Twisted&distro=SUSE Linux Enterprise Module for Server Applications 15 SP5

pkg:rpm/suse/python3-Twisted&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5

Vulnerabilities (3)

  • CVE-2024-41810Jul 29, 2024
    affected < 22.2.0-150400.21.1fixed 22.2.0-150400.21.1

    Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflecte

  • CVE-2024-41671HigJul 29, 2024
    affected < 22.2.0-150400.21.1fixed 22.2.0-150400.21.1

    Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1.

  • CVE-2023-46137Oct 25, 2023
    affected < 22.2.0-150400.15.1fixed 22.2.0-150400.15.1

    Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled b