Gentoo Linux Security Advisory 202007-24 - Multiple vulnerabilities have been found in Twisted, the worst of which could result in a Denial of Service condition. Versions less than 20.3.0 are affected.
80a86d46f007cc3808d0529492a3ff506a6dd8a71448b8dcbd5ab3255d5c22bcRed Hat Security Advisory 2020-1561-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. HTTP request smuggling vulnerabilities were addressed.
321382f48e82e5efce5f3aebe58bc72acf3ace69b733bfef5687079a8919a53dUbuntu Security Notice 4308-2 - USN-4308-1 fixed several vulnerabilities in Twisted. This update provides the corresponding update for Ubuntu 14.04 ESM. it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. Various other issues were also addressed.
39bb858ec4921004263891b18b84c7e30cbaece7168ad65d0909bacbbf72c14eUbuntu Security Notice 4308-1 - it was discovered that Twisted incorrectly validated or sanitized certain URIs or HTTP methods. A remote attacker could use this issue to inject invalid characters and possibly perform header injection attacks. It was discovered that Twisted incorrectly verified XMPP TLS certificates. A remote attacker could possibly use this issue to perform a man-in-the-middle attack and obtain sensitive information. Various other issues were also addressed.
ffdb0ccca94ded3b06bc7f31916de1a632873a8b9417f51bc485880741f8a609
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed