Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 16 results


CVE-2024-41810

Medium priority
Fixed

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Fixed Fixed Fixed
Show less packages

CVE-2024-41671

Medium priority
Fixed

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Fixed Fixed Not affected
Show less packages

CVE-2023-46137

Medium priority

Some fixes available 6 of 9

Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Fixed Needs evaluation Needs evaluation
Show less packages

CVE-2022-39348

Low priority

Some fixes available 2 of 6

Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Not affected Fixed Fixed Vulnerable Needs evaluation
Show less packages

CVE-2022-24801

Medium priority

Some fixes available 6 of 11

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Ignored Ignored Vulnerable
Show less packages

CVE-2022-21716

Medium priority
Fixed

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier....

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Fixed Fixed
Show less packages

CVE-2022-21712

Medium priority

Some fixes available 9 of 11

twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent`...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed Fixed Fixed Vulnerable
Show less packages

CVE-2020-10109

Medium priority
Fixed

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed
Show less packages

CVE-2020-10108

Medium priority
Fixed

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body...

1 affected packages

twisted

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted Fixed Fixed
Show less packages

CVE-2014-7143

Medium priority
Not affected

Python Twisted 14.0 trustRoot is not respected in HTTP client

2 affected packages

twisted, twisted-py3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
twisted
twisted-py3
Show less packages