GLSA-202301-02 : Twisted: Multiple Vulnerabilities

2023-01-11T00:00:00

Description

The remote host is affected by the vulnerability described in GLSA-202301-02 (Twisted: Multiple Vulnerabilities) - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712) - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716) - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348) Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

{"id": "GENTOO_GLSA-202301-02.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "GLSA-202301-02 : Twisted: Multiple Vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-202301-02 (Twisted: Multiple Vulnerabilities)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "published": "2023-01-11T00:00:00", "modified": "2023-09-08T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/169834", "reporter": "This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://bugs.gentoo.org/show_bug.cgi?id=834542", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39348", "https://bugs.gentoo.org/show_bug.cgi?id=832875", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21712", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21716", "https://bugs.gentoo.org/show_bug.cgi?id=878499", "https://security.gentoo.org/glsa/202301-02"], "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-39348"], "immutableFields": [], "lastseen": "2023-09-08T20:26:22", "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2022-21712", "ALPINE:CVE-2022-21716"]}, {"type": "amazon", "idList": ["ALAS-2022-1592", "ALAS-2023-1717", "ALAS2-2023-2008"]}, {"type": "cnvd", "idList": ["CNVD-2022-19501"]}, {"type": "cve", "idList": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-39348"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2927-1:FE743", "DEBIAN:DLA-2938-1:F62DC", "DEBIAN:DLA-3212-1:3C838"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-21712", "DEBIANCVE:CVE-2022-21716", "DEBIANCVE:CVE-2022-39348"]}, {"type": "fedora", "idList": ["FEDORA:67A9D305F84D", "FEDORA:6F8003055F54"]}, {"type": "gentoo", "idList": ["GLSA-202301-02"]}, {"type": "github", "idList": ["GHSA-92X2-JW7W-XVVX", "GHSA-FHPF-PP6P-55QC", "GHSA-RV6R-3F5Q-9RGX", "GHSA-VG46-2RRJ-3647"]}, {"type": "ibm", "idList": ["6AB7786E041E27D2A9F0D51E55B4163291062C56CE924F8A2477EAD09C35569A", "C4B5E7CAC069DC1C110C3501074FB57C93180DE314A46BDFD9207A94CAF56A9C", "D75D1F4906CB770C70D8213D83CDF4898056CB3A7E61CC2FD073E6E292BFBAD6"]}, {"type": "mageia", "idList": ["MGASA-2022-0168", "MGASA-2023-0061"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-046.NASL", "AL2022_ALAS2022-2022-231.NASL", "AL2023_ALAS2023-2023-056.NASL", "AL2023_ALAS2023-2023-130.NASL", "AL2_ALAS-2023-2008.NASL", "ALA_ALAS-2022-1592.NASL", "ALA_ALAS-2023-1717.NASL", "DEBIAN_DLA-2927.NASL", "DEBIAN_DLA-2938.NASL", "DEBIAN_DLA-3212.NASL", "OPENSUSE-2022-0499-1.NASL", "REDHAT-RHSA-2022-0982.NASL", "REDHAT-RHSA-2022-0992.NASL", "SOLARIS_JUL2023_SRU11_4_57_144_3.NASL", "SUSE_SU-2022-0499-1.NASL", "SUSE_SU-2022-0734-1.NASL", "SUSE_SU-2022-2070-1.NASL", "SUSE_SU-2022-2117-1.NASL", "SUSE_SU-2022-2297-1.NASL", "SUSE_SU-2022-4000-1.NASL", "SUSE_SU-2022-4057-1.NASL", "SUSE_SU-2022-4074-1.NASL", "UBUNTU_USN-5354-1.NASL", "UBUNTU_USN-5354-2.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2022"]}, {"type": "osv", "idList": ["OSV:DLA-2927-1", "OSV:DLA-2938-1", "OSV:GHSA-92X2-JW7W-XVVX", "OSV:GHSA-FHPF-PP6P-55QC", "OSV:GHSA-RV6R-3F5Q-9RGX", "OSV:GHSA-VG46-2RRJ-3647", "OSV:PYSEC-2022-160", "OSV:PYSEC-2022-27"]}, {"type": "prion", "idList": ["PRION:CVE-2022-21712", "PRION:CVE-2022-21716", "PRION:CVE-2022-39348"]}, {"type": "redhat", "idList": ["RHSA-2022:0982", "RHSA-2022:0992"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-21712", "RH:CVE-2022-21716", "RH:CVE-2022-39348"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2022:0499-1", "SUSE-SU-2022:2070-1", "SUSE-SU-2022:2297-1"]}, {"type": "ubuntu", "idList": ["USN-5354-1", "USN-5354-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-21712", "UB:CVE-2022-21716", "UB:CVE-2022-39348"]}, {"type": "veracode", "idList": ["VERACODE:34064", "VERACODE:34497", "VERACODE:37702"]}]}, "score": {"value": 6.7, "vector": "NONE"}, "epss": [{"cve": "CVE-2022-21712", "epss": 0.00167, "percentile": 0.51914, "modified": "2023-05-02"}, {"cve": "CVE-2022-21716", "epss": 0.00349, "percentile": 0.67524, "modified": "2023-05-02"}, {"cve": "CVE-2022-39348", "epss": 0.00068, "percentile": 0.28015, "modified": "2023-05-02"}], "vulnersScore": 6.7}, "_state": {"dependencies": 1694204944, "score": 1694205071, "epss": 0}, "_internal": {"score_hash": "7b81f5df6bc9b547f29ef9852ade68e3"}, "pluginID": "169834", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202301-02.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169834);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/08\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\", \"CVE-2022-39348\");\n\n script_name(english:\"GLSA-202301-02 : Twisted: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202301-02 (Twisted: Multiple Vulnerabilities)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202301-02\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=832875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=834542\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=878499\");\n script_set_attribute(attribute:\"solution\", value:\n\"All Twisted users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=dev-python/twisted-22.10.0\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'dev-python/twisted',\n 'unaffected' : make_list(\"ge 22.10.0\"),\n 'vulnerable' : make_list(\"lt 22.10.0\")\n }\n];\n\nforeach var package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Twisted');\n}\n", "naslFamily": "Gentoo Local Security Checks", "cpe": ["p-cpe:/a:gentoo:linux:twisted", "cpe:/o:gentoo:linux"], "solution": "All Twisted users should upgrade to the latest version:\n\n # emerge --sync # emerge --ask --oneshot --verbose >=dev-python/twisted-22.10.0", "nessusSeverity": "Medium", "cvssScoreSource": "CVE-2022-21712", "vendor_cvss2": {"score": 5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "vendor_cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "vpr": {"risk factor": "Medium", "score": "4.4"}, "exploitAvailable": true, "exploitEase": "Exploits are available", "patchPublicationDate": "2023-01-11T00:00:00", "vulnerabilityPublicationDate": "2022-02-07T00:00:00", "exploitableWith": []}

{"gentoo": [{"lastseen": "2023-08-01T18:38:52", "description": "### Background\n\nTwisted is an asynchronous networking framework written in Python.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Twisted. Please review the CVE identifiers referenced below for details.\n\n### Impact\n\nPlease review the referenced CVE identifiers for details.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Twisted users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-python/twisted-22.10.0\"", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-11T00:00:00", "type": "gentoo", "title": "Twisted: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-39348"], "modified": "2023-01-11T00:00:00", "id": "GLSA-202301-02", "href": "https://security.gentoo.org/glsa/202301-02", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntu": [{"lastseen": "2023-08-01T19:03:46", "description": "## Releases\n\n * Ubuntu 21.10 \n * Ubuntu 20.04 LTS\n * Ubuntu 18.04 ESM\n\n## Packages\n\n * twisted \\- Event-based framework for internet applications\n\nIt was discovered that Twisted incorrectly filtered HTTP headers when clients \nare being redirected to another origin. A remote attacker could use this issue \nto obtain sensitive information. (CVE-2022-21712)\n\nIt was discovered that Twisted incorrectly processed SSH handshake data on \nconnection establishments. A remote attacker could use this issue to cause \nTwisted to crash, resulting in a denial of service. (CVE-2022-21716)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-30T00:00:00", "type": "ubuntu", "title": "Twisted vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2022-03-30T00:00:00", "id": "USN-5354-1", "href": "https://ubuntu.com/security/notices/USN-5354-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-01T19:02:35", "description": "## Releases\n\n * Ubuntu 22.04 LTS\n * Ubuntu 16.04 ESM\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * twisted \\- Event-based framework for internet applications\n\nUSN-5354-1 fixed vulnerabilities in Twisted. This update provides the \ncorresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and \nUbuntu 22.04 LTS.\n\nOriginal advisory details:\n\nIt was discovered that Twisted incorrectly processed SSH handshake data on \nconnection establishments. A remote attacker could use this issue to cause \nTwisted to crash, resulting in a denial of service. (CVE-2022-21716)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-05T00:00:00", "type": "ubuntu", "title": "Twisted vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-05-05T00:00:00", "id": "USN-5354-2", "href": "https://ubuntu.com/security/notices/USN-5354-2", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "redhat": [{"lastseen": "2023-08-16T15:27:36", "description": "Twisted is a networking engine written in Python, supporting numerous\nprotocols. It contains a web server, numerous chat clients, chat servers,\nmail servers and more.\n\nSecurity Fix(es):\n\n* SSH client and server denial of service during SSH handshake\n(CVE-2022-21716)\n\n* Secret exposure in cross-origin redirects (CVE-2022-21712)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-24T09:39:14", "type": "redhat", "title": "(RHSA-2022:0982) Important: Red Hat OpenStack Platform 16.1 (python-twisted) security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2022-03-24T10:34:41", "id": "RHSA-2022:0982", "href": "https://access.redhat.com/errata/RHSA-2022:0982", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-16T15:27:36", "description": "Twisted is a networking engine written in Python, supporting numerous\nprotocols. It contains a web server, numerous chat clients, chat servers,\nmail servers and more.\n\nSecurity Fix(es):\n\n* Secret exposure in cross-origin redirects of python-twisted (CVE-2022-21712)\n* SSH client and server denial of service during SSH handshake\n(CVE-2022-21716)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-23T20:19:53", "type": "redhat", "title": "(RHSA-2022:0992) Important: Red Hat OpenStack Platform 16.2 (python-twisted) security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2022-03-23T21:19:51", "id": "RHSA-2022:0992", "href": "https://access.redhat.com/errata/RHSA-2022:0992", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-18T14:43:11", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0982 advisory.\n\n - dev-python/twisted: secret exposure in cross-origin redirects (CVE-2022-21712)\n\n - python-twisted: SSH client and server denial of service during SSH handshake (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-25T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:0982)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:python3-twisted"], "id": "REDHAT-RHSA-2022-0982.NASL", "href": "https://www.tenable.com/plugins/nessus/159214", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0982. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159214);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\");\n script_xref(name:\"RHSA\", value:\"2022:0982\");\n\n script_name(english:\"RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:0982)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0982 advisory.\n\n - dev-python/twisted: secret exposure in cross-origin redirects (CVE-2022-21712)\n\n - python-twisted: SSH client and server denial of service during SSH handshake (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-21712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-21716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0982\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2051865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2060960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 346, 400, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-twisted\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.1/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/os',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/debug',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/os',\n 'content/dist/layered/rhel8/x86_64/openstack/16.1/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python3-twisted-16.4.1-19.el8ost', 'cpu':'x86_64', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:54:43", "description": "The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5354-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-30T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : Twisted vulnerabilities (USN-5354-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2023-07-12T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:21.10", "p-cpe:/a:canonical:ubuntu_linux:python-twisted", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-bin", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-conch", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-core", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-mail", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-names", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-news", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-runner", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-web", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-words", "p-cpe:/a:canonical:ubuntu_linux:python3-twisted", "p-cpe:/a:canonical:ubuntu_linux:python3-twisted-bin"], "id": "UBUNTU_USN-5354-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159346", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5354-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159346);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/12\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\");\n script_xref(name:\"USN\", value:\"5354-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 20.04 LTS / 21.10 : Twisted vulnerabilities (USN-5354-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-5354-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5354-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:21.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-names\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-news\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-words\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-twisted-bin\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('18.04' >< os_release || '20.04' >< os_release || '21.10' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04 / 20.04 / 21.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '18.04', 'pkgname': 'python-twisted', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-bin', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-conch', 'pkgver': '1:17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-core', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-mail', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-names', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-news', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-runner', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-web', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python-twisted-words', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python3-twisted', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '18.04', 'pkgname': 'python3-twisted-bin', 'pkgver': '17.9.0-2ubuntu0.3'},\n {'osver': '20.04', 'pkgname': 'python3-twisted', 'pkgver': '18.9.0-11ubuntu0.20.04.2'},\n {'osver': '20.04', 'pkgname': 'python3-twisted-bin', 'pkgver': '18.9.0-11ubuntu0.20.04.2'},\n {'osver': '21.10', 'pkgname': 'python3-twisted', 'pkgver': '20.3.0-7ubuntu1.1'},\n {'osver': '21.10', 'pkgname': 'python3-twisted-bin', 'pkgver': '20.3.0-7ubuntu1.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted / python-twisted-bin / python-twisted-conch / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:43:27", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0992 advisory.\n\n - dev-python/twisted: secret exposure in cross-origin redirects (CVE-2022-21712)\n\n - python-twisted: SSH client and server denial of service during SSH handshake (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-24T00:00:00", "type": "nessus", "title": "RHEL 8 : Red Hat OpenStack Platform 16.2 (python-twisted) (RHSA-2022:0992)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:python3-twisted"], "id": "REDHAT-RHSA-2022-0992.NASL", "href": "https://www.tenable.com/plugins/nessus/159201", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:0992. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159201);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\");\n script_xref(name:\"RHSA\", value:\"2022:0992\");\n\n script_name(english:\"RHEL 8 : Red Hat OpenStack Platform 16.2 (python-twisted) (RHSA-2022:0992)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:0992 advisory.\n\n - dev-python/twisted: secret exposure in cross-origin redirects (CVE-2022-21712)\n\n - python-twisted: SSH client and server denial of service during SSH handshake (CVE-2022-21716)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-21712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-21716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:0992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2051865\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2060960\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(200, 346, 400, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-twisted\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack-cinderlib/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack-deployment-tools/16.2/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/debug',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/os',\n 'content/dist/layered/rhel8/x86_64/openstack-tools/16/source/SRPMS',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/debug',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/os',\n 'content/dist/layered/rhel8/x86_64/openstack/16.2/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'python3-twisted-16.4.1-19.el8ost', 'cpu':'x86_64', 'release':'8', 'el_string':'el8ost', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openstack-'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:42:40", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-056 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-056)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-24801"], "modified": "2023-04-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3-twisted", "p-cpe:/a:amazon:linux:python3-twisted%2btls", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-056.NASL", "href": "https://www.tenable.com/plugins/nessus/173089", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-056.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173089);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\", \"CVE-2022-24801\");\n\n script_name(english:\"Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-056)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-056 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version\n 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP\n request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to\n desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a\n different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a\n different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two\n workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by\n upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-056.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21712.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21716.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24801.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update python-twisted --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-24801\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted+tls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python3-twisted+tls-22.4.0-124.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-twisted-22.4.0-124.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-twisted / python3-twisted+tls\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-21T14:06:10", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-231 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-09T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : python-twisted (ALAS2022-2022-231)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-24801"], "modified": "2023-09-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3-twisted", "p-cpe:/a:amazon:linux:python3-twisted%2btls", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-231.NASL", "href": "https://www.tenable.com/plugins/nessus/168547", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-231.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168547);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\"CVE-2022-21712\", \"CVE-2022-21716\", \"CVE-2022-24801\");\n\n script_name(english:\"Amazon Linux 2022 : python-twisted (ALAS2022-2022-231)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-231 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version\n 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP\n request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to\n desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a\n different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a\n different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two\n workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by\n upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-231.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21712.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21716.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24801.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python-twisted' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-24801\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted+tls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python3-twisted+tls-22.4.0-123.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-twisted-22.4.0-123.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-twisted / python3-twisted+tls\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T12:49:04", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4074-1 advisory.\n\n - In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. (CVE-2019-12387)\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. (CVE-2020-10108)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-19T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:4074-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-12387", "CVE-2020-10108", "CVE-2022-21712", "CVE-2022-39348"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python-twisted", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-4074-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167952", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4074-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167952);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\n \"CVE-2019-12387\",\n \"CVE-2020-10108\",\n \"CVE-2022-21712\",\n \"CVE-2022-39348\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4074-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:4074-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the SUSE-SU-2022:4074-1 advisory.\n\n - In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an\n attacker to inject invalid characters such as CRLF. (CVE-2019-12387)\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two\n content-length headers, it ignored the first header. When the second content-length value was set to zero,\n the request body was interpreted as a pipelined request. (CVE-2020-10108)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.suse.com/pipermail/sle-updates/2022-November/026310.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-12387\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39348\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10108\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'0', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'0', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.23.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-21T14:06:35", "description": "The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3212 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-28T00:00:00", "type": "nessus", "title": "Debian DLA-3212-1 : twisted - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-09-20T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-twisted", "p-cpe:/a:debian:debian_linux:python-twisted-bin", "p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-conch", "p-cpe:/a:debian:debian_linux:python-twisted-core", "p-cpe:/a:debian:debian_linux:python-twisted-mail", "p-cpe:/a:debian:debian_linux:python-twisted-names", "p-cpe:/a:debian:debian_linux:python-twisted-news", "p-cpe:/a:debian:debian_linux:python-twisted-runner", "p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-web", "p-cpe:/a:debian:debian_linux:python-twisted-words", "p-cpe:/a:debian:debian_linux:python3-twisted", "p-cpe:/a:debian:debian_linux:python3-twisted-bin", "p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:twisted-doc", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3212.NASL", "href": "https://www.tenable.com/plugins/nessus/168233", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3212. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168233);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/09/20\");\n\n script_cve_id(\"CVE-2022-39348\");\n\n script_name(english:\"Debian DLA-3212-1 : twisted - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3212\nadvisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/twisted\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3212\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-39348\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/twisted\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the twisted packages.\n\nFor Debian 10 buster, this problem has been fixed in version 18.9.0-3+deb10u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-39348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-names\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-news\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-words\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:twisted-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar debian_release = get_kb_item('Host/Debian/release');\nif ( isnull(debian_release) ) audit(AUDIT_OS_NOT, 'Debian');\ndebian_release = chomp(debian_release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:debian_release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + debian_release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'python-twisted', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-bin', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-bin-dbg', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-conch', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-core', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-mail', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-names', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-news', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-runner', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-runner-dbg', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-web', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python-twisted-words', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python3-twisted', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python3-twisted-bin', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'python3-twisted-bin-dbg', 'reference': '18.9.0-3+deb10u2'},\n {'release': '10.0', 'prefix': 'twisted-doc', 'reference': '18.9.0-3+deb10u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var _release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (_release && prefix && reference) {\n if (deb_check(release:_release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted / python-twisted-bin / python-twisted-bin-dbg / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T12:48:18", "description": "The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4057-1 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-19T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : python-Twisted (SUSE-SU-2022:4057-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python3-twisted", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-4057-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167944", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4057-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167944);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-39348\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4057-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : python-Twisted (SUSE-SU-2022:4057-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 host has a package installed that is affected by a\nvulnerability as referenced in the SUSE-SU-2022:4057-1 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39348\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-November/012969.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c1e1afd6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-39348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLED_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED_SAP15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python3-Twisted-19.10.0-150200.3.18.1', 'sp':'3', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-150200.3.18.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-150200.3.18.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-packagehub-subpackages-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-150200.3.18.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-packagehub-subpackages-release-15.3', 'sle-module-server-applications-release-15.3', 'sled-release-15.3', 'sles-release-15.3']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T10:53:21", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:4000-1 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-16T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:4000-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python3-twisted", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-4000-1.NASL", "href": "https://www.tenable.com/plugins/nessus/167724", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4000-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167724);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-39348\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4000-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:4000-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:4000-1 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204781\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-39348\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-November/012932.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bc2e560d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-39348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python3-Twisted-22.2.0-150400.5.7.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'python3-Twisted-22.2.0-150400.5.7.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-server-applications-release-15.4', 'sles-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:22", "description": "The version of python-twisted-web installed on the remote host is prior to 12.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2008 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-05T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : python-twisted-web (ALAS-2023-2008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-04-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python-twisted-web", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2023-2008.NASL", "href": "https://www.tenable.com/plugins/nessus/173918", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2023-2008.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173918);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/19\");\n\n script_cve_id(\"CVE-2022-39348\");\n\n script_name(english:\"Amazon Linux 2 : python-twisted-web (ALAS-2023-2008)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of python-twisted-web installed on the remote host is prior to 12.1.0-8. It is, therefore, affected by a\nvulnerability as referenced in the ALAS2-2023-2008 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2023-2008.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-39348.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python-twisted-web' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-39348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python-twisted-web-12.1.0-8.amzn2.0.1', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-twisted-web-12.1.0-8.amzn2.0.1', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-twisted-web-12.1.0-8.amzn2.0.1', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-twisted-web\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:45:49", "description": "It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-130 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-130)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-04-20T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3-twisted", "p-cpe:/a:amazon:linux:python3-twisted%2btls", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-130.NASL", "href": "https://www.tenable.com/plugins/nessus/173153", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-130.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173153);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2022-39348\");\n\n script_name(english:\"Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-130)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-130 advisory.\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-130.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-39348.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update python-twisted --releasever=2023.0.20230315' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-39348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted+tls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python3-twisted+tls-22.4.0-125.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-twisted-22.4.0-125.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-twisted / python3-twisted+tls\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-16T14:42:02", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0499-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-19T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:0499-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python3-twisted", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0499-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158183", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0499-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158183);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-21712\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0499-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:0499-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:0499-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21712\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-February/010263.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1c287372\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'SLE_RT-release-15.2', 'sles-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sle-module-packagehub-subpackages-release-15.3', 'sle-module-server-applications-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T14:58:21", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:0734-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:0734-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python-twisted", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-0734-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159153", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0734-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159153);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-21712\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0734-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:0734-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:0734-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195667\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21712\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010370.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e188f984\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'0', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'0', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.11.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:11", "description": "The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0499-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-22T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : python-Twisted (openSUSE-SU-2022:0499-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21712"], "modified": "2022-02-22T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python2-twisted", "p-cpe:/a:novell:opensuse:python3-twisted", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0499-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158220", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0499-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158220);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/22\");\n\n script_cve_id(\"CVE-2022-21712\");\n\n script_name(english:\"openSUSE 15 Security Update : python-Twisted (openSUSE-SU-2022:0499-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the\nopenSUSE-SU-2022:0499-1 advisory.\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1195667\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/233XDDM6URC3DPBBAKQV2AZQY6TBXJRV/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7226c5ff\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21712\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python2-Twisted and / or python3-Twisted packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21712\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/02/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python2-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'python2-Twisted-19.10.0-3.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-Twisted-19.10.0-3.6.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python2-Twisted / python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-16T14:54:25", "description": "The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2117-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-22T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:2117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python-twisted", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-2117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162472", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2117-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162472);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-21716\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2117-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:2117-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 / SLES_SAP12 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:2117-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21716\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-June/011312.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?aebe4796\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12|SLES_SAP12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12 / SLES_SAP12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP12\" && (! preg(pattern:\"^(0|3|4|5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP12 SP0/3/4/5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'0', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'3', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE-HPC-release-12', 'sle-module-web-scripting-release-12-0', 'sles-release-12', 'sles-release-12.3', 'sles-release-12.4', 'sles-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'0', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'3', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'4', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']},\n {'reference':'python-Twisted-15.2.1-9.17.1', 'sp':'5', 'release':'SLES_SAP12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12', 'SLES_SAP-release-12.3', 'SLES_SAP-release-12.4', 'SLES_SAP-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-11T14:36:33", "description": "The remote Ubuntu 14.04 LTS / 16.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5354-2 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-05-05T00:00:00", "type": "nessus", "title": "Ubuntu 14.04 LTS / 16.04 LTS / 22.04 LTS : Twisted vulnerability (USN-5354-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-10T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:14.04:-:lts", "cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python-twisted", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-bin", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-conch", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-core", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-lore", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-mail", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-names", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-news", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-runner", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-web", "p-cpe:/a:canonical:ubuntu_linux:python-twisted-words", "p-cpe:/a:canonical:ubuntu_linux:python3-twisted"], "id": "UBUNTU_USN-5354-2.NASL", "href": "https://www.tenable.com/plugins/nessus/160588", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5354-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160588);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/10\");\n\n script_cve_id(\"CVE-2022-21716\");\n script_xref(name:\"USN\", value:\"5354-2\");\n\n script_name(english:\"Ubuntu 14.04 LTS / 16.04 LTS / 22.04 LTS : Twisted vulnerability (USN-5354-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 14.04 LTS / 16.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as\nreferenced in the USN-5354-2 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5354-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-lore\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-names\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-news\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python-twisted-words\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3-twisted\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! ('14.04' >< os_release || '16.04' >< os_release || '22.04' >< os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 14.04 / 16.04 / 22.04', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '14.04', 'pkgname': 'python-twisted', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-bin', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-conch', 'pkgver': '1:13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-core', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-lore', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-mail', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-names', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-news', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-runner', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-web', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '14.04', 'pkgname': 'python-twisted-words', 'pkgver': '13.2.0-1ubuntu1.2+esm2'},\n {'osver': '16.04', 'pkgname': 'python-twisted', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-bin', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-conch', 'pkgver': '1:16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-core', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-mail', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-names', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-news', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-runner', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-web', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python-twisted-words', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '16.04', 'pkgname': 'python3-twisted', 'pkgver': '16.0.0-1ubuntu0.4+esm1'},\n {'osver': '22.04', 'pkgname': 'python3-twisted', 'pkgver': '22.1.0-2ubuntu2.1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted / python-twisted-bin / python-twisted-conch / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:42:45", "description": "The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2938 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-03-08T00:00:00", "type": "nessus", "title": "Debian DLA-2938-1 : twisted - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-twisted", "p-cpe:/a:debian:debian_linux:python-twisted-bin", "p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-conch", "p-cpe:/a:debian:debian_linux:python-twisted-core", "p-cpe:/a:debian:debian_linux:python-twisted-mail", "p-cpe:/a:debian:debian_linux:python-twisted-names", "p-cpe:/a:debian:debian_linux:python-twisted-news", "p-cpe:/a:debian:debian_linux:python-twisted-runner", "p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-web", "p-cpe:/a:debian:debian_linux:python-twisted-words", "p-cpe:/a:debian:debian_linux:python3-twisted", "p-cpe:/a:debian:debian_linux:python3-twisted-bin", "p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:twisted-doc", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2938.NASL", "href": "https://www.tenable.com/plugins/nessus/158698", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2938. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158698);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/08\");\n\n script_cve_id(\"CVE-2022-21716\");\n\n script_name(english:\"Debian DLA-2938-1 : twisted - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2938\nadvisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2938\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-21716\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/twisted\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the twisted packages.\n\nFor Debian 9 Stretch, this problem has been fixed in version 16.6.0-2+deb9u2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-names\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-news\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-words\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:twisted-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'python-twisted', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-bin', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-bin-dbg', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-conch', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-core', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-mail', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-names', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-news', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-runner', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-runner-dbg', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-web', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python-twisted-words', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python3-twisted', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python3-twisted-bin', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'python3-twisted-bin-dbg', 'reference': '16.6.0-2+deb9u2'},\n {'release': '9.0', 'prefix': 'twisted-doc', 'reference': '16.6.0-2+deb9u2'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted / python-twisted-bin / python-twisted-bin-dbg / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-14T15:12:05", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2070-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-15T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2070-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python3-twisted", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2070-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162237", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2070-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162237);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/13\");\n\n script_cve_id(\"CVE-2022-21716\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2070-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2070-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:2070-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21716\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-June/011279.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6f8b6865\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/06/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP2/3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'3', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2', 'sles-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.3', 'sle-module-server-applications-release-15.3', 'sles-release-15.3']},\n {'reference':'python3-Twisted-19.10.0-150200.3.12.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-07-15T14:58:37", "description": "The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2297-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-07-08T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2297-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-14T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:python3-twisted", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-2297-1.NASL", "href": "https://www.tenable.com/plugins/nessus/162929", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:2297-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(162929);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/14\");\n\n script_cve_id(\"CVE-2022-21716\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:2297-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2297-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 / SLES_SAP15 host has a package installed that is affected by a vulnerability as referenced\nin the SUSE-SU-2022:2297-1 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1196739\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-21716\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-July/011415.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bd7df3ca\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected python3-Twisted package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/07/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-Twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)(?:_SAP)?\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15|SLES_SAP15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15 / SLES_SAP15', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES_SAP15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES_SAP15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'python3-Twisted-22.2.0-150400.5.4.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},\n {'reference':'python3-Twisted-22.2.0-150400.5.4.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'sle-module-server-applications-release-15.4', 'sles-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python3-Twisted');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:34:40", "description": "It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-046 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-09-06T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : (ALAS2022-2022-046)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2022-09-06T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python3-twisted", "p-cpe:/a:amazon:linux:python3-twisted%2btls", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-046.NASL", "href": "https://www.tenable.com/plugins/nessus/164764", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-046.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164764);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/06\");\n\n script_cve_id(\"CVE-2022-21716\");\n\n script_name(english:\"Amazon Linux 2022 : (ALAS2022-2022-046)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-046 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-046.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21716.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update --releasever=2022.0.20220419 python-twisted' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/04/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/09/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python3-twisted+tls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python3-twisted+tls-22.2.0-117.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-twisted-22.2.0-117.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-twisted / python3-twisted+tls\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:30:48", "description": "It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1592 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-06-10T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python-twisted-conch (ALAS-2022-1592)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-21716"], "modified": "2022-06-10T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26-twisted-conch", "p-cpe:/a:amazon:linux:python27-twisted-conch", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2022-1592.NASL", "href": "https://www.tenable.com/plugins/nessus/161994", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2022-1592.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(161994);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/06/10\");\n\n script_cve_id(\"CVE-2022-21716\");\n\n script_name(english:\"Amazon Linux AMI : python-twisted-conch (ALAS-2022-1592)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by a vulnerability as referenced in the ALAS-2022-1592 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0,\n Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH\n version identifier. This ends up with a buffer using all the available memory. The attach is a simple as\n `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known\n workarounds. (CVE-2022-21716)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2022-1592.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-21716.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python-twisted-conch' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-21716\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/03/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nvar os_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python26-twisted-conch-8.2.0-3.2.7.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python26-twisted-conch-8.2.0-3.2.7.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-twisted-conch-8.2.0-3.2.7.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-twisted-conch-8.2.0-3.2.7.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26-twisted-conch / python27-twisted-conch\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:01", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1717 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-06T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-24801", "CVE-2022-39348"], "modified": "2023-04-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:python26-twisted-web", "p-cpe:/a:amazon:linux:python27-twisted-web", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2023-1717.NASL", "href": "https://www.tenable.com/plugins/nessus/173953", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2023-1717.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173953);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/19\");\n\n script_cve_id(\"CVE-2022-24801\", \"CVE-2022-39348\");\n\n script_name(english:\"Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1717 advisory.\n\n - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version\n 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP\n request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to\n desync if requests pass through multiple HTTP parsers, potentially resulting in HTTP request smuggling.\n Users who may be affected use Twisted Web's HTTP 1.1 server and/or proxy and also pass requests through a\n different HTTP server and/or proxy. The Twisted Web client is not affected. The HTTP 2.0 server uses a\n different parser, so it is not affected. The issue has been addressed in Twisted 22.4.0rc1. Two\n workarounds are available: Ensure any vulnerabilities in upstream proxies have been addressed, such as by\n upgrading them; or filter malformed requests by other means, such as configuration of an upstream proxy.\n (CVE-2022-24801)\n\n - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host\n header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource`\n resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n In practice this should be very difficult to exploit as being able to modify the Host header of a normal\n HTTP request implies that one is already in a privileged position. This issue was fixed in version\n 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2023-1717.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-24801.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-39348.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update python-twisted-web' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-24801\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/04/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python26-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python27-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'python26-twisted-web-8.2.0-6.8.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python26-twisted-web-8.2.0-6.8.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-twisted-web-8.2.0-6.8.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python27-twisted-web-8.2.0-6.8.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python26-twisted-web / python27-twisted-web\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:48:15", "description": "The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2927 advisory.\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. (CVE-2020-10108)\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. (CVE-2020-10109)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-02-19T00:00:00", "type": "nessus", "title": "Debian DLA-2927-1 : twisted - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10108", "CVE-2020-10109", "CVE-2022-21712"], "modified": "2022-02-19T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:python-twisted-conch", "p-cpe:/a:debian:debian_linux:python-twisted", "p-cpe:/a:debian:debian_linux:python-twisted-bin", "p-cpe:/a:debian:debian_linux:python-twisted-core", "p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-mail", "p-cpe:/a:debian:debian_linux:python-twisted-names", "p-cpe:/a:debian:debian_linux:python-twisted-news", "p-cpe:/a:debian:debian_linux:python-twisted-runner", "p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg", "p-cpe:/a:debian:debian_linux:python-twisted-web", "p-cpe:/a:debian:debian_linux:python-twisted-words", "p-cpe:/a:debian:debian_linux:python3-twisted", "p-cpe:/a:debian:debian_linux:python3-twisted-bin", "p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg", "p-cpe:/a:debian:debian_linux:twisted-doc", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DLA-2927.NASL", "href": "https://www.tenable.com/plugins/nessus/158196", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-2927. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158196);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/19\");\n\n script_cve_id(\"CVE-2020-10108\", \"CVE-2020-10109\", \"CVE-2022-21712\");\n\n script_name(english:\"Debian DLA-2927-1 : twisted - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-2927 advisory.\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two\n content-length headers, it ignored the first header. When the second content-length value was set to zero,\n the request body was interpreted as a pipelined request. (CVE-2020-10108)\n\n - In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a\n content-length and a chunked encoding header, the content-length took precedence and the remainder of the\n request body was interpreted as a pipelined request. (CVE-2020-10109)\n\n - twisted is an event-driven networking engine written in Python. In affected versions twisted exposes\n cookies and authorization headers when following cross-origin redirects. This issue is present in the\n `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to\n upgrade. There are no known workarounds. (CVE-2022-21712)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953950\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/twisted\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-2927\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-10108\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2020-10109\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-21712\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/stretch/twisted\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the twisted packages.\n\nFor Debian 9 stretch, these problems have been fixed in version 16.6.0-2+deb9u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10109\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-conch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-mail\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-names\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-news\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-runner-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-web\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-twisted-words\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python3-twisted-bin-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:twisted-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(9)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 9.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '9.0', 'prefix': 'python-twisted', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-bin', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-bin-dbg', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-conch', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-core', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-mail', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-names', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-news', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-runner', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-runner-dbg', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-web', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python-twisted-words', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python3-twisted', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python3-twisted-bin', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'python3-twisted-bin-dbg', 'reference': '16.6.0-2+deb9u1'},\n {'release': '9.0', 'prefix': 'twisted-doc', 'reference': '16.6.0-2+deb9u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'python-twisted / python-twisted-bin / python-twisted-bin-dbg / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-08-04T16:28:20", "description": "This Solaris system is missing necessary patches to address critical security updates :\n\n - Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Interface). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: CVE-2023-22023 is equivalent to CVE-2023-31284. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n (CVE-2023-22023)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security (OpenSSL)). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise PeopleSoft Enterprise PeopleTools.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-2097)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Connection Handling).\n Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-21617)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.39 and prior and 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-21608)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).\n Supported versions that are affected are 5.7.39 and prior and 8.0.29 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-21592)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 5.7.39 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-21589)\n\n - Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Packaging (cURL)). Supported versions that are affected are 5.7.41 and prior and 8.0.32 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n (CVE-2022-43551)\n\n - Vulnerability in the Oracle Communications Network Analytics Data Director product of Oracle Communications (component: Install/Upgrade (Kerberos)). The supported version that is affected is 23.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Network Analytics Data Director.\n Successful attacks of this vulnerability can result in takeover of Oracle Communications Network Analytics Data Director. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n (CVE-2022-42898)\n\n - Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Third Party (SQLite)). The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In Technology executes to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized access to critical data or complete access to all Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L).\n (CVE-2022-46908)\n\n - Vulnerability in the Oracle Communications Diameter Signaling Router product of Oracle Communications (component: Platform (Microcode Controller)). The supported version that is affected is 8.6.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Communications Diameter Signaling Router executes to compromise Oracle Communications Diameter Signaling Router. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Communications Diameter Signaling Router accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).\n (CVE-2022-21123)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Porting (Cryptography)). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise PeopleSoft Enterprise PeopleTools.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).\n (CVE-2023-23931)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Porting (Python setuptools)). Supported versions that are affected are 8.59 and 8.60. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of PeopleSoft Enterprise PeopleTools.\n CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-40897)", "cvss3": {}, "published": "2023-07-20T00:00:00", "type": "nessus", "title": "Oracle Solaris Critical Patch Update : jul2023_SRU11_4_57_144_3", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2021-43618", "CVE-2022-2097", "CVE-2022-21123", "CVE-2022-21125", "CVE-2022-21127", "CVE-2022-21166", "CVE-2022-21589", "CVE-2022-21592", "CVE-2022-21608", "CVE-2022-21617", "CVE-2022-28805", "CVE-2022-33099", "CVE-2022-39348", "CVE-2022-40897", "CVE-2022-42898", "CVE-2022-43551", "CVE-2022-43552", "CVE-2022-44617", "CVE-2022-44792", "CVE-2022-44793", "CVE-2022-46285", "CVE-2022-46663", "CVE-2022-46908", "CVE-2022-47016", "CVE-2022-48303", "CVE-2022-4883", "CVE-2023-0494", "CVE-2023-1161", "CVE-2023-22023", "CVE-2023-23931", "CVE-2023-27320", "CVE-2023-28486", "CVE-2023-28487", "CVE-2023-31284"], "modified": "2023-07-26T00:00:00", "cpe": ["cpe:/o:oracle:solaris"], "id": "SOLARIS_JUL2023_SRU11_4_57_144_3.NASL", "href": "https://www.tenable.com/plugins/nessus/178627", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from the Oracle CPU for jul2023.\n#\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(178627);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/07/26\");\n\n script_cve_id(\"CVE-2021-43618\", \"CVE-2022-2097\", \"CVE-2022-21123\", \"CVE-2022-21125\", \"CVE-2022-21127\", \"CVE-2022-21166\", \"CVE-2022-21589\", \"CVE-2022-21592\", \"CVE-2022-21608\", \"CVE-2022-21617\", \"CVE-2022-28805\", \"CVE-2022-33099\", \"CVE-2022-39348\", \"CVE-2022-40897\", \"CVE-2022-42898\", \"CVE-2022-43551\", \"CVE-2022-43552\", \"CVE-2022-44617\", \"CVE-2022-44792\", \"CVE-2022-44793\", \"CVE-2022-46285\", \"CVE-2022-46663\", \"CVE-2022-46908\", \"CVE-2022-47016\", \"CVE-2022-48303\", \"CVE-2022-4883\", \"CVE-2023-0494\", \"CVE-2023-1161\", \"CVE-2023-22023\", \"CVE-2023-23931\", \"CVE-2023-27320\", \"CVE-2023-28486\", \"CVE-2023-28487\", \"CVE-2023-31284\");\n script_xref(name:\"IAVA\", value:\"2023-A-0370\");\n\n script_name(english:\"Oracle Solaris Critical Patch Update : jul2023_SRU11_4_57_144_3\");\n script_summary(english:\"Check for the jul2023 CPU\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Solaris system is missing a security patch from CPU\njul2023.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This Solaris system is missing necessary patches to address critical\nsecurity updates :\n\n - Vulnerability in the Oracle Solaris product of Oracle\n Systems (component: Device Driver Interface). The\n supported version that is affected is 11. Easily\n exploitable vulnerability allows low privileged attacker\n with logon to the infrastructure where Oracle Solaris\n executes to compromise Oracle Solaris. Successful\n attacks of this vulnerability can result in takeover of\n Oracle Solaris. Note: CVE-2023-22023 is equivalent to\n CVE-2023-31284. CVSS 3.1 Base Score 7.8\n (Confidentiality, Integrity and Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n (CVE-2023-22023)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools\n product of Oracle PeopleSoft (component: Security\n (OpenSSL)). Supported versions that are affected are\n 8.58, 8.59 and 8.60. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n TLS to compromise PeopleSoft Enterprise PeopleTools.\n Successful attacks of this vulnerability can result in\n unauthorized read access to a subset of PeopleSoft\n Enterprise PeopleTools accessible data. CVSS 3.1 Base\n Score 5.3 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-2097)\n\n - Vulnerability in the MySQL Server product of Oracle\n MySQL (component: Server: Connection Handling).\n Supported versions that are affected are 5.7.39 and\n prior and 8.0.30 and prior. Easily exploitable\n vulnerability allows high privileged attacker with\n network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized ability to cause a hang or\n frequently repeatable crash (complete DOS) of MySQL\n Server. CVSS 3.1 Base Score 4.9 (Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-21617)\n\n - Vulnerability in the MySQL Server product of Oracle\n MySQL (component: Server: Optimizer). Supported versions\n that are affected are 5.7.39 and prior and 8.0.30 and\n prior. Easily exploitable vulnerability allows high\n privileged attacker with network access via multiple\n protocols to compromise MySQL Server. Successful attacks\n of this vulnerability can result in unauthorized ability\n to cause a hang or frequently repeatable crash (complete\n DOS) of MySQL Server. CVSS 3.1 Base Score 4.9\n (Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-21608)\n\n - Vulnerability in the MySQL Server product of Oracle\n MySQL (component: Server: Security: Encryption).\n Supported versions that are affected are 5.7.39 and\n prior and 8.0.29 and prior. Easily exploitable\n vulnerability allows low privileged attacker with\n network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized read access to a subset of\n MySQL Server accessible data. CVSS 3.1 Base Score 4.3\n (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-21592)\n\n - Vulnerability in the MySQL Server product of Oracle\n MySQL (component: Server: Security: Privileges).\n Supported versions that are affected are 5.7.39 and\n prior and 8.0.16 and prior. Easily exploitable\n vulnerability allows low privileged attacker with\n network access via multiple protocols to compromise\n MySQL Server. Successful attacks of this vulnerability\n can result in unauthorized read access to a subset of\n MySQL Server accessible data. CVSS 3.1 Base Score 4.3\n (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).\n (CVE-2022-21589)\n\n - Vulnerability in the MySQL Server product of Oracle\n MySQL (component: Server: Packaging (cURL)). Supported\n versions that are affected are 5.7.41 and prior and\n 8.0.32 and prior. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n multiple protocols to compromise MySQL Server.\n Successful attacks of this vulnerability can result in\n unauthorized access to critical data or complete access\n to all MySQL Server accessible data. CVSS 3.1 Base Score\n 7.5 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).\n (CVE-2022-43551)\n\n - Vulnerability in the Oracle Communications Network\n Analytics Data Director product of Oracle Communications\n (component: Install/Upgrade (Kerberos)). The supported\n version that is affected is 23.1.0. Easily exploitable\n vulnerability allows low privileged attacker with\n network access via HTTP to compromise Oracle\n Communications Network Analytics Data Director.\n Successful attacks of this vulnerability can result in\n takeover of Oracle Communications Network Analytics Data\n Director. CVSS 3.1 Base Score 8.8 (Confidentiality,\n Integrity and Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n (CVE-2022-42898)\n\n - Vulnerability in the Oracle Outside In Technology\n product of Oracle Fusion Middleware (component: Third\n Party (SQLite)). The supported version that is affected\n is 8.5.6. Easily exploitable vulnerability allows low\n privileged attacker with logon to the infrastructure\n where Oracle Outside In Technology executes to\n compromise Oracle Outside In Technology. Successful\n attacks of this vulnerability can result in unauthorized\n creation, deletion or modification access to critical\n data or all Oracle Outside In Technology accessible data\n as well as unauthorized access to critical data or\n complete access to all Oracle Outside In Technology\n accessible data and unauthorized ability to cause a\n partial denial of service (partial DOS) of Oracle\n Outside In Technology. CVSS 3.1 Base Score 7.3\n (Confidentiality, Integrity and Availability impacts).\n CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L).\n (CVE-2022-46908)\n\n - Vulnerability in the Oracle Communications Diameter\n Signaling Router product of Oracle Communications\n (component: Platform (Microcode Controller)). The\n supported version that is affected is 8.6.0.0. Easily\n exploitable vulnerability allows low privileged attacker\n with logon to the infrastructure where Oracle\n Communications Diameter Signaling Router executes to\n compromise Oracle Communications Diameter Signaling\n Router. Successful attacks of this vulnerability can\n result in unauthorized access to critical data or\n complete access to all Oracle Communications Diameter\n Signaling Router accessible data. CVSS 3.1 Base Score\n 5.5 (Confidentiality impacts). CVSS Vector:\n (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).\n (CVE-2022-21123)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools\n product of Oracle PeopleSoft (component: Porting\n (Cryptography)). Supported versions that are affected\n are 8.59 and 8.60. Easily exploitable vulnerability\n allows unauthenticated attacker with network access via\n HTTPS to compromise PeopleSoft Enterprise PeopleTools.\n Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of\n PeopleSoft Enterprise PeopleTools accessible data and\n unauthorized ability to cause a partial denial of\n service (partial DOS) of PeopleSoft Enterprise\n PeopleTools. CVSS 3.1 Base Score 6.5 (Integrity and\n Availability impacts). CVSS Vector:\n (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L).\n (CVE-2023-23931)\n\n - Vulnerability in the PeopleSoft Enterprise PeopleTools\n product of Oracle PeopleSoft (component: Porting (Python\n setuptools)). Supported versions that are affected are\n 8.59 and 8.60. Difficult to exploit vulnerability allows\n unauthenticated attacker with network access via HTTP to\n compromise PeopleSoft Enterprise PeopleTools. Successful\n attacks of this vulnerability can result in unauthorized\n ability to cause a hang or frequently repeatable crash\n (complete DOS) of PeopleSoft Enterprise PeopleTools.\n CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS\n Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).\n (CVE-2022-40897)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.oracle.com/epmos/faces/DocumentDisplay?id=2960446.1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.oracle.com/docs/tech/security-alerts/cpujul2023cvrf.xml\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.oracle.com/security-alerts/cpujul2023.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the jul2023 CPU from the Oracle support website.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-28805\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2021/11/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/07/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/07/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Solaris Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris11/release\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"solaris.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Solaris11/release\");\nif (isnull(release)) audit(AUDIT_OS_NOT, \"Solaris11\");\n\n\nfix_release = \"11.4-11.4.57.0.1.144.3\";\n\nflag = 0;\n\nif (solaris_check_release(release:\"11.4-11.4.57.0.1.144.3\", sru:\"11.4.57.144.3\") > 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:solaris_get_report2());\n else security_warning(0);\n exit(0);\n}\naudit(AUDIT_OS_RELEASE_NOT, \"Solaris\", fix_release, release);\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "mageia": [{"lastseen": "2023-08-01T18:42:01", "description": "CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attacker could use this issue to cause Twisted to crash, resulting in a denial of service. GHSA-rv6r-3f5q-9rgx The Twisted SSH client and server implementation naively accepted an infinite amount of data for the peer's SSH version identifier. GHSA-c2jg-hw38-jrqq and CVE-2022-24801 The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230 GHSA-92x2-jw7w-xvvx: twisted.web.client.getPage, twisted.web.client.downladPage, and the associated implementation classes (HTTPPageGetter, HTTPPageDownloader, HTTPClientFactory, HTTPDownloader) have been removed because they do not segregate cookies by domain. They were deprecated in Twisted 16.7.0 in favor of twisted.web.client.Agent. \n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-05-12T10:24:45", "type": "mageia", "title": "Updated python-twisted packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-24801"], "modified": "2022-05-12T10:24:45", "id": "MGASA-2022-0168", "href": "https://advisories.mageia.org/MGASA-2022-0168.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:12:48", "description": "When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. (CVE-2022-39348) \n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-02-27T20:27:16", "type": "mageia", "title": "Updated python-twisted packages fix security vulnerability\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-02-20T21:25:36", "id": "MGASA-2023-0061", "href": "https://advisories.mageia.org/MGASA-2023-0061.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}], "fedora": [{"lastseen": "2023-08-01T18:46:26", "description": "Twisted is a networking engine written in Python, supporting numerous proto cols. It contains a web server, numerous chat clients, chat servers, mail servers and more. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-03T01:07:05", "type": "fedora", "title": "[SECURITY] Fedora 36 Update: python-twisted-22.4.0-1.fc36", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-24801"], "modified": "2022-07-03T01:07:05", "id": "FEDORA:67A9D305F84D", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-08-01T18:46:26", "description": "Twisted is a networking engine written in Python, supporting numerous proto cols. It contains a web server, numerous chat clients, chat servers, mail servers and more. ", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-07-03T01:21:11", "type": "fedora", "title": "[SECURITY] Fedora 35 Update: python-twisted-22.4.0-1.fc35", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-21716", "CVE-2022-24801"], "modified": "2022-07-03T01:21:11", "id": "FEDORA:6F8003055F54", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K/", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "prion": [{"lastseen": "2023-08-15T20:07:25", "description": "Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T20:15:00", "type": "prion", "title": "Twisted vulnerable to NameVirtualHost Host header injection", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-03-08T01:07:00", "id": "PRION:CVE-2022-39348", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-39348", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-08-15T15:43:12", "description": "twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:15:00", "type": "prion", "title": "Cookie and header exposure in twisted", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-02-01T15:45:00", "id": "PRION:CVE-2022-21712", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-15T15:43:11", "description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T21:15:00", "type": "prion", "title": "Buffer Overflow in Twisted", "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-24T13:47:00", "id": "PRION:CVE-2022-21716", "href": "https://kb.prio-n.com/vulnerability/CVE-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "github": [{"lastseen": "2023-06-03T17:12:40", "description": "When the host header does not match a configured host, `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n\nExample configuration:\n```python\nfrom twisted.web.server import Site\nfrom twisted.web.vhost import NameVirtualHost\nfrom twisted.internet import reactor\n\nresource = NameVirtualHost()\nsite = Site(resource)\nreactor.listenTCP(8080, site)\nreactor.run()\n```\nOutput:\n```\n\u276f curl -H\"Host:<h1>HELLO THERE</h1>\" http://localhost:8080/\n\n<html>\n <head><title>404 - No Such Resource</title></head>\n <body>\n <h1>No Such Resource</h1>\n <p>host b'<h1>hello there</h1>' not in vhost map</p>\n </body>\n</html>\n```\n\nThis vulnerability was introduced in f49041bb67792506d85aeda9cf6157e92f8048f4 and first appeared in the 0.9.4 release.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T22:08:39", "type": "github", "title": "Twisted vulnerable to NameVirtualHost Host header injection", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-01-27T05:04:07", "id": "GHSA-VG46-2RRJ-3647", "href": "https://github.com/advisories/GHSA-vg46-2rrj-3647", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-14T15:09:36", "description": "### Impact\n\nCookie and Authorization headers are leaked when following cross-origin redirects in `twited.web.client.RedirectAgent` and `twisted.web.client.BrowserLikeRedirectAgent`.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:36:00", "type": "github", "title": "Cookie and header exposure in twisted", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-01-27T05:03:46", "id": "GHSA-92X2-JW7W-XVVX", "href": "https://github.com/advisories/GHSA-92x2-jw7w-xvvx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-09-04T21:59:07", "description": "### Impact\n\nThe Twisted SSH client and server implementation naively accepted an infinite amount of data for the peer's SSH version identifier.\n\nA malicious peer can trivially craft a request that uses all available memory and crash the server, resulting in denial of service. The attack is as simple as `nc -rv localhost 22 < /dev/zero`.\n\n### Patches\n\nThe issue was fix in GitHub commit https://github.com/twisted/twisted/commit/98387b39e9f0b21462f6abc7a1325dc370fcdeb1\n\nA fix is available in Twisted 22.2.0.\n\n### Workarounds\n\n* Limit access to the SSH server only to trusted source IP addresses.\n* Connect over SSH only to trusted destination IP addresses.\n\n### References\n\nReported at https://twistedmatrix.com/trac/ticket/10284\nDiscussions at https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx\n\n### For more information\n\nFound by vin01", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T19:02:08", "type": "github", "title": "Twisted SSH client and server deny of service during SSH handshake.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-09-04T05:05:15", "id": "GHSA-RV6R-3F5Q-9RGX", "href": "https://github.com/advisories/GHSA-rv6r-3f5q-9rgx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-14T15:09:37", "description": "### Impact\n\nTreq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary, for example:\n\n```py\ntreq.get('https://example.com/', cookies={'session': '1234'})\n```\n\nSuch cookies are not bound to a single domain, and are therefore sent to *every* domain (\"supercookies\"). This can potentially cause sensitive information to leak upon an HTTP redirect to a different domain., e.g. should `https://example.com` redirect to `http://cloudstorageprovider.com` the latter will receive the cookie `session`.\n\n### Patches\n\nTreq 2021.1.0 and later bind cookies given to request methods (`treq.request`, `treq.get`, `HTTPClient.request`, `HTTPClient.get`, etc.) to the origin of the *url* parameter.\n\n### Workarounds\n\nInstead of passing a dictionary as the *cookies* argument, pass a `http.cookiejar.CookieJar` instance with properly domain- and scheme-scoped cookies in it:\n\n```py\nfrom http.cookiejar import CookieJar\nfrom requests.cookies import create_cookie\n\njar = CookieJar()\njar.add_cookie(\n create_cookie(\n name='session',\n value='1234',\n domain='example.com',\n secure=True,\n ),\n)\nclient = HTTPClient(cookies=jar)\nclient.get('https://example.com/')\n```\n\n### References\n\n* Originally reported at [huntr.dev](https://huntr.dev/bounties/3c9204fc-a3d1-4441-8599-924c5f57e7ae/?token=06d930e37046c914bcb037e85cc227dc7b510b475989fc69837566562ba899277d46b0fb4b1e21cdcb6ddc1b7d9b1ded632cf3a3551ecb89afca16a63b34641284b50479d5195bba2ac09b116f3dd4fad27f54404c2de922c05c8c8b744aec27bb4d4d198cb8b3abf479af0c2d5fbaa10412da7922594ac3eb39)\n* A related issue in the handling of HTTP basic authentication was addressed in Twisted 22.1 ([GHSA-92x2-jw7w-xvvx](https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx), CVE-2022-21712).", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 4.0}, "published": "2022-02-01T00:43:38", "type": "github", "title": "Unsafe handling of user-specified cookies in treq", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-23607"], "modified": "2023-02-03T05:05:15", "id": "GHSA-FHPF-PP6P-55QC", "href": "https://github.com/advisories/GHSA-fhpf-pp6p-55qc", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2023-07-27T18:12:37", "description": "Twisted is an event-based framework for internet applications. Started with\nversion 0.9.4, when the host header does not match a configured host\n`twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource\nwhich renders the Host header unescaped into the 404 response allowing HTML\nand script injection. In practice this should be very difficult to exploit\nas being able to modify the Host header of a normal HTTP request implies\nthat one is already in a privileged position. This issue was fixed in\nversion 22.10.0rc1. There are no known workarounds.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1023359>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | introduced by: https://github.com/twisted/twisted/commit/f49041bb67792506d85aeda9cf6157e92f8048f4\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T00:00:00", "type": "ubuntucve", "title": "CVE-2022-39348", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2022-10-26T00:00:00", "id": "UB:CVE-2022-39348", "href": "https://ubuntu.com/security/CVE-2022-39348", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-15T13:33:54", "description": "twisted is an event-driven networking engine written in Python. In affected\nversions twisted exposes cookies and authorization headers when following\ncross-origin redirects. This issue is present in the\n`twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent`\nfunctions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T00:00:00", "type": "ubuntucve", "title": "CVE-2022-21712", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2022-02-07T00:00:00", "id": "UB:CVE-2022-21712", "href": "https://ubuntu.com/security/CVE-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-09T15:39:33", "description": "Twisted is an event-based framework for internet applications, supporting\nPython 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is\nable to accept an infinite amount of data for the peer's SSH version\nidentifier. This ends up with a buffer using all the available memory. The\nattach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is\navailable in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T00:00:00", "type": "ubuntucve", "title": "CVE-2022-21716", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-03T00:00:00", "id": "UB:CVE-2022-21716", "href": "https://ubuntu.com/security/CVE-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2023-06-03T15:48:14", "description": "**Issue Overview:**\n\nTwisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\n \n**Affected Packages:** \n\n\npython-twisted-web\n\n \n**Issue Correction:** \nRun _yum update python-twisted-web_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n \u00a0\u00a0\u00a0 python-twisted-web-12.1.0-8.amzn2.0.1.aarch64 \n \n i686: \n \u00a0\u00a0\u00a0 python-twisted-web-12.1.0-8.amzn2.0.1.i686 \n \n src: \n \u00a0\u00a0\u00a0 python-twisted-web-12.1.0-8.amzn2.0.1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 python-twisted-web-12.1.0-8.amzn2.0.1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2022-39348](<https://access.redhat.com/security/cve/CVE-2022-39348>)\n\nMitre: [CVE-2022-39348](<https://vulners.com/cve/CVE-2022-39348>)\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2023-03-30T18:56:00", "type": "amazon", "title": "Medium: python-twisted-web", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-04-04T22:10:00", "id": "ALAS2-2023-2008", "href": "https://alas.aws.amazon.com/AL2/ALAS-2023-2008.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-08-01T20:56:09", "description": "**Issue Overview:**\n\nAn uncontrolled resource consumption flaw was found in python-twisted in the dataReceived() function. This flaw allows an unauthenticated, remote attacker to send a simple command to use all available memory and crash the server. (CVE-2022-21716)\n\n \n**Affected Packages:** \n\n\npython-twisted-conch\n\n \n**Issue Correction:** \nRun _yum update python-twisted-conch_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 python26-twisted-conch-8.2.0-3.2.7.amzn1.i686 \n \u00a0\u00a0\u00a0 python27-twisted-conch-8.2.0-3.2.7.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 python-twisted-conch-8.2.0-3.2.7.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 python27-twisted-conch-8.2.0-3.2.7.amzn1.x86_64 \n \u00a0\u00a0\u00a0 python26-twisted-conch-8.2.0-3.2.7.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2022-21716](<https://access.redhat.com/security/cve/CVE-2022-21716>)\n\nMitre: [CVE-2022-21716](<https://vulners.com/cve/CVE-2022-21716>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-05-31T23:47:00", "type": "amazon", "title": "Important: python-twisted-conch", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-06-09T18:52:00", "id": "ALAS-2022-1592", "href": "https://alas.aws.amazon.com/ALAS-2022-1592.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-14T14:49:05", "description": "**Issue Overview:**\n\nA flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\\n and \\t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTTP parsers. This flaw allows a remote attacker to perform an HTTP request smuggling attack. (CVE-2022-24801)\n\nTwisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds. (CVE-2022-39348)\n\n \n**Affected Packages:** \n\n\npython-twisted-web\n\n \n**Issue Correction:** \nRun _yum update python-twisted-web_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n \u00a0\u00a0\u00a0 python26-twisted-web-8.2.0-6.8.amzn1.i686 \n \u00a0\u00a0\u00a0 python27-twisted-web-8.2.0-6.8.amzn1.i686 \n \n src: \n \u00a0\u00a0\u00a0 python-twisted-web-8.2.0-6.8.amzn1.src \n \n x86_64: \n \u00a0\u00a0\u00a0 python26-twisted-web-8.2.0-6.8.amzn1.x86_64 \n \u00a0\u00a0\u00a0 python27-twisted-web-8.2.0-6.8.amzn1.x86_64 \n \n \n\n### Additional References\n\nRed Hat: [CVE-2022-24801](<https://access.redhat.com/security/cve/CVE-2022-24801>), [CVE-2022-39348](<https://access.redhat.com/security/cve/CVE-2022-39348>)\n\nMitre: [CVE-2022-24801](<https://vulners.com/cve/CVE-2022-24801>), [CVE-2022-39348](<https://vulners.com/cve/CVE-2022-39348>)\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-03-30T22:50:00", "type": "amazon", "title": "Important: python-twisted-web", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-24801", "CVE-2022-39348"], "modified": "2023-04-05T20:24:00", "id": "ALAS-2023-1717", "href": "https://alas.aws.amazon.com/ALAS-2023-1717.html", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhatcve": [{"lastseen": "2023-06-03T17:14:31", "description": "A host header injection flaw was found in the twisted event-based framework's web module. When the host header does not match a configured host, the web module will render unescaped characters into the 404 response. This can result in HTML and script injection. For this vulnerability to be exploited, the attacker needs to be in a privileged position.\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-11-02T14:26:24", "type": "redhatcve", "title": "CVE-2022-39348", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-05-15T20:54:52", "id": "RH:CVE-2022-39348", "href": "https://access.redhat.com/security/cve/cve-2022-39348", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-14T14:56:36", "description": "A flaw was found in the twisted Python library when WebClient redirects via the RedirectAgent and BrowserLikeRedirectAgent methods. This flaw allows an attacker to take advantage of these cross-origin redirects and leak the cookie and authorization headers.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-08T09:16:30", "type": "redhatcve", "title": "CVE-2022-21712", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-06-11T01:50:06", "id": "RH:CVE-2022-21712", "href": "https://access.redhat.com/security/cve/cve-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-01T20:44:06", "description": "An uncontrolled resource consumption flaw was found in python-twisted in the dataReceived() function. This flaw allows an unauthenticated, remote attacker to send a simple command to use all available memory and crash the server.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-04T17:51:22", "type": "redhatcve", "title": "CVE-2022-21716", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-04-06T09:26:43", "id": "RH:CVE-2022-21716", "href": "https://access.redhat.com/security/cve/cve-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "osv": [{"lastseen": "2023-04-11T01:35:57", "description": "When the host header does not match a configured host, `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.\n\nExample configuration:\n```python\nfrom twisted.web.server import Site\nfrom twisted.web.vhost import NameVirtualHost\nfrom twisted.internet import reactor\n\nresource = NameVirtualHost()\nsite = Site(resource)\nreactor.listenTCP(8080, site)\nreactor.run()\n```\nOutput:\n```\n\u276f curl -H\"Host:<h1>HELLO THERE</h1>\" http://localhost:8080/\n\n<html>\n <head><title>404 - No Such Resource</title></head>\n <body>\n <h1>No Such Resource</h1>\n <p>host b'<h1>hello there</h1>' not in vhost map</p>\n </body>\n</html>\n```\n\nThis vulnerability was introduced in f49041bb67792506d85aeda9cf6157e92f8048f4 and first appeared in the 0.9.4 release.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T22:08:39", "type": "osv", "title": "Twisted vulnerable to NameVirtualHost Host header injection", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2022-39348"], "modified": "2023-04-11T01:35:55", "id": "OSV:GHSA-VG46-2RRJ-3647", "href": "https://osv.dev/vulnerability/GHSA-vg46-2rrj-3647", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-05-11T21:07:16", "description": "twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-02-07T22:15:00", "type": "osv", "title": "PYSEC-2022-27", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2022-02-15T06:31:29", "id": "OSV:PYSEC-2022-27", "href": "https://osv.dev/vulnerability/PYSEC-2022-27", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-11T01:42:38", "description": "### Impact\n\nCookie and Authorization headers are leaked when following cross-origin redirects in `twited.web.client.RedirectAgent` and `twisted.web.client.BrowserLikeRedirectAgent`.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:36:00", "type": "osv", "title": "Cookie and header exposure in twisted", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-04-11T01:42:36", "id": "OSV:GHSA-92X2-JW7W-XVVX", "href": "https://osv.dev/vulnerability/GHSA-92x2-jw7w-xvvx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-07-24T19:50:33", "description": "### Impact\n\nThe Twisted SSH client and server implementation naively accepted an infinite amount of data for the peer's SSH version identifier.\n\nA malicious peer can trivially craft a request that uses all available memory and crash the server, resulting in denial of service. The attack is as simple as `nc -rv localhost 22 < /dev/zero`.\n\n### Patches\n\nThe issue was fix in GitHub commit https://github.com/twisted/twisted/commit/98387b39e9f0b21462f6abc7a1325dc370fcdeb1\n\nA fix is available in Twisted 22.2.0.\n\n### Workarounds\n\n* Limit access to the SSH server only to trusted source IP addresses.\n* Connect over SSH only to trusted destination IP addresses.\n\n### References\n\nReported at https://twistedmatrix.com/trac/ticket/10284\nDiscussions at https://github.com/twisted/twisted/security/advisories/GHSA-rv6r-3f5q-9rgx\n\n### For more information\n\nFound by vin01", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T19:02:08", "type": "osv", "title": "Twisted SSH client and server deny of service during SSH handshake.", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-24T19:50:01", "id": "OSV:GHSA-RV6R-3F5Q-9RGX", "href": "https://osv.dev/vulnerability/GHSA-rv6r-3f5q-9rgx", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-28T06:38:02", "description": "\nIt was discovered that there was an issue in the Twisted Python network\nframework where SSH client and server implementions could accept an infinite\namount of data for the peer's SSH version identifier and that a buffer then\nuses all available memory.\n\n\n* [CVE-2022-21716](https://security-tracker.debian.org/tracker/CVE-2022-21716)\nCVE-2022-21716: Twisted is an event-based framework for internet\n applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client\n and server implement is able to accept an infinite amount of data for the\n peer's SSH version identifier. This ends up with a buffer using all the\n available memory. The attach is a simple as `nc -rv localhost 22 <\n /dev/zero`. A patch is available in version 22.2.0. There are currently no\n known workarounds.\n\n\nFor Debian 9 Stretch, this problem has been fixed in version\n16.6.0-2+deb9u2.\n\n\nWe recommend that you upgrade your twisted packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-08T00:00:00", "type": "osv", "title": "twisted - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-06-28T06:37:04", "id": "OSV:DLA-2938-1", "href": "https://osv.dev/vulnerability/DLA-2938-1", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-11T20:52:24", "description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2022-03-03T21:15:00", "type": "osv", "title": "PYSEC-2022-160", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-10T17:35:00", "id": "OSV:PYSEC-2022-160", "href": "https://osv.dev/vulnerability/PYSEC-2022-160", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-04-11T01:47:31", "description": "### Impact\n\nTreq's request methods (`treq.get`, `treq.post`, `HTTPClient.request`, `HTTPClient.get`, etc.) accept cookies as a dictionary, for example:\n\n```py\ntreq.get('https://example.com/', cookies={'session': '1234'})\n```\n\nSuch cookies are not bound to a single domain, and are therefore sent to *every* domain (\"supercookies\"). This can potentially cause sensitive information to leak upon an HTTP redirect to a different domain., e.g. should `https://example.com` redirect to `http://cloudstorageprovider.com` the latter will receive the cookie `session`.\n\n### Patches\n\nTreq 2021.1.0 and later bind cookies given to request methods (`treq.request`, `treq.get`, `HTTPClient.request`, `HTTPClient.get`, etc.) to the origin of the *url* parameter.\n\n### Workarounds\n\nInstead of passing a dictionary as the *cookies* argument, pass a `http.cookiejar.CookieJar` instance with properly domain- and scheme-scoped cookies in it:\n\n```py\nfrom http.cookiejar import CookieJar\nfrom requests.cookies import create_cookie\n\njar = CookieJar()\njar.add_cookie(\n create_cookie(\n name='session',\n value='1234',\n domain='example.com',\n secure=True,\n ),\n)\nclient = HTTPClient(cookies=jar)\nclient.get('https://example.com/')\n```\n\n### References\n\n* Originally reported at [huntr.dev](https://huntr.dev/bounties/3c9204fc-a3d1-4441-8599-924c5f57e7ae/?token=06d930e37046c914bcb037e85cc227dc7b510b475989fc69837566562ba899277d46b0fb4b1e21cdcb6ddc1b7d9b1ded632cf3a3551ecb89afca16a63b34641284b50479d5195bba2ac09b116f3dd4fad27f54404c2de922c05c8c8b744aec27bb4d4d198cb8b3abf479af0c2d5fbaa10412da7922594ac3eb39)\n* A related issue in the handling of HTTP basic authentication was addressed in Twisted 22.1 ([GHSA-92x2-jw7w-xvvx](https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx), CVE-2022-21712).", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-01T00:43:38", "type": "osv", "title": "Unsafe handling of user-specified cookies in treq", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712", "CVE-2022-23607"], "modified": "2023-04-11T01:47:27", "id": "OSV:GHSA-FHPF-PP6P-55QC", "href": "https://osv.dev/vulnerability/GHSA-fhpf-pp6p-55qc", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-05T05:19:19", "description": "\nIt was discovered that Twisted, a Python event-based framework for\ninternet applications, is affected by HTTP request splitting\nvulnerabilities, and may expose sensitive data when following\nredirects. An attacker may bypass validation checks and retrieve\ncredentials.\n\n\n* [CVE-2020-10108](https://security-tracker.debian.org/tracker/CVE-2020-10108)\nHTTP request splitting vulnerability. When presented with two\n content-length headers, it ignored the first header. When the\n second content-length value was set to zero, the request body was\n interpreted as a pipelined request.\n* [CVE-2020-10109](https://security-tracker.debian.org/tracker/CVE-2020-10109)\nHTTP request splitting vulnerability. When presented with a\n content-length and a chunked encoding header, the content-length\n took precedence and the remainder of the request body was\n interpreted as a pipelined request.\n* [CVE-2022-21712](https://security-tracker.debian.org/tracker/CVE-2022-21712)\nTwisted exposes cookies and authorization headers when following\n cross-origin redirects. This issue is present in the\n `twisted.web.RedirectAgent` and\n `twisted.web.BrowserLikeRedirectAgent` functions.\n\n\nFor Debian 9 stretch, these problems have been fixed in version\n16.6.0-2+deb9u1.\n\n\nWe recommend that you upgrade your twisted packages.\n\n\nFor the detailed security status of twisted please refer to\nits security tracker page at:\n<https://security-tracker.debian.org/tracker/twisted>\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2022-02-19T00:00:00", "type": "osv", "title": "twisted - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10108", "CVE-2020-10109", "CVE-2022-21712"], "modified": "2022-08-05T05:19:18", "id": "OSV:DLA-2927-1", "href": "https://osv.dev/vulnerability/DLA-2927-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2023-06-04T14:34:51", "description": "-------------------------------------------------------------------------\nDebian LTS Advisory DLA-3212-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Dominik George\nNovember 28, 2022 https://wiki.debian.org/LTS\n-------------------------------------------------------------------------\n\nPackage : twisted\nVersion : 18.9.0-3+deb10u2\nCVE ID : CVE-2022-39348\nDebian Bug : \n\nIt was discovered that twisted, a framework for internet applications\nwritten in Python, was prone to an HTML injection when displaying the\nHTTP Host header in an error page.\n\nFor Debian 10 buster, this problem has been fixed in version\n18.9.0-3+deb10u2.\n\nWe recommend that you upgrade your twisted packages.\n\nFor the detailed security status of twisted please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/twisted\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\nAttachment:\nsignature.asc\nDescription: PGP signature\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-11-28T15:38:46", "type": "debian", "title": "[SECURITY] [DLA 3212-1] twisted security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2022-11-28T15:38:46", "id": "DEBIAN:DLA-3212-1:3C838", "href": "https://lists.debian.org/debian-lts-announce/2022/11/msg00038.html", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2022-09-10T15:40:38", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2938-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Chris Lamb\nMarch 08, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : twisted\nVersion : 16.6.0-2+deb9u2\nCVE ID : CVE-2022-21716\n\nIt was discovered that there was an issue in the Twisted Python\nnetwork framework where SSH client and server implementions could\naccept an infinite amount of data for the peer's SSH version\nidentifier and that a buffer then uses all available memory.\n\nFor Debian 9 "Stretch", this problem has been fixed in version\n16.6.0-2+deb9u2.\n\nWe recommend that you upgrade your twisted packages.\n\nFor the detailed security status of twisted please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/twisted\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-08T12:02:36", "type": "debian", "title": "[SECURITY] [DLA 2938-1] twisted security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-08T12:02:36", "id": "DEBIAN:DLA-2938-1:F62DC", "href": "https://lists.debian.org/debian-lts-announce/2022/03/msg00009.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-09-10T15:41:31", "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2927-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ Sylvain Beucler\nFebruary 19, 2022 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : twisted\nVersion : 16.6.0-2+deb9u1\nCVE ID : CVE-2020-10108 CVE-2020-10109 CVE-2022-21712\nDebian Bug : 953950\n\nIt was discovered that Twisted, a Python event-based framework for\ninternet applications, is affected by HTTP request splitting\nvulnerabilities, and may expose sensitive data when following\nredirects. An attacker may bypass validation checks and retrieve\ncredentials.\n\nCVE-2020-10108\n\n HTTP request splitting vulnerability. When presented with two\n content-length headers, it ignored the first header. When the\n second content-length value was set to zero, the request body was\n interpreted as a pipelined request.\n\nCVE-2020-10109\n\n HTTP request splitting vulnerability. When presented with a\n content-length and a chunked encoding header, the content-length\n took precedence and the remainder of the request body was\n interpreted as a pipelined request.\n\nCVE-2022-21712\n\n Twisted exposes cookies and authorization headers when following\n cross-origin redirects. This issue is present in the\n `twisted.web.RedirectAgent` and\n `twisted.web.BrowserLikeRedirectAgent` functions.\n\nFor Debian 9 stretch, these problems have been fixed in version\n16.6.0-2+deb9u1.\n\nWe recommend that you upgrade your twisted packages.\n\nFor the detailed security status of twisted please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/twisted\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-02-19T16:30:59", "type": "debian", "title": "[SECURITY] [DLA 2927-1] twisted security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10108", "CVE-2020-10109", "CVE-2022-21712"], "modified": "2022-02-19T16:30:59", "id": "DEBIAN:DLA-2927-1:FE743", "href": "https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "veracode": [{"lastseen": "2023-06-03T20:01:04", "description": "twisted is vulnerable to cross-site scripting. The vulnerability is due to the function `_getResourceForRequest` in `vhost.py`. When the host header does not match the configured `twisted.web.vhost.NameVirtualHost`, the 404 page will render the header allowing an attacker to inject and execute HTML and scripts.\n", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-27T06:16:55", "type": "veracode", "title": "Cross-Site Scripting (XSS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-03-08T06:17:27", "id": "VERACODE:37702", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-37702/summary", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-04-18T06:20:08", "description": "twisted is vulnerable to Information Disclosure. Remote unauthenticated attackers are able to gain access to cookies and authorization headers via cross-origin redirects resulting in disclosure of sensitive information.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-08T09:41:27", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-02-01T17:33:09", "id": "VERACODE:34064", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34064/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-18T06:18:44", "description": "twisted is vulnerable to denial of service. The vulnerability exists due to the lack of validation of the peer's SSH version identifier and accepting an infinite amount of data allowing an attacker to craft a request that uses all available memory and crashes the server, \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-04T01:07:19", "type": "veracode", "title": "Denial Of Service (DoS)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-01-13T21:48:57", "id": "VERACODE:34497", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-34497/summary", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2023-06-03T14:43:40", "description": "Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T20:15:00", "type": "debiancve", "title": "CVE-2022-39348", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2022-10-26T20:15:00", "id": "DEBIANCVE:CVE-2022-39348", "href": "https://security-tracker.debian.org/tracker/CVE-2022-39348", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-06-14T14:41:11", "description": "twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:15:00", "type": "debiancve", "title": "CVE-2022-21712", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2022-02-07T22:15:00", "id": "DEBIANCVE:CVE-2022-21712", "href": "https://security-tracker.debian.org/tracker/CVE-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-01T18:36:18", "description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T21:15:00", "type": "debiancve", "title": "CVE-2022-21716", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-03T21:15:00", "id": "DEBIANCVE:CVE-2022-21716", "href": "https://security-tracker.debian.org/tracker/CVE-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2023-06-03T14:59:12", "description": "Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.", "cvss3": {"exploitabilityScore": 2.3, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 2.7}, "published": "2022-10-26T20:15:00", "type": "cve", "title": "CVE-2022-39348", "cwe": ["CWE-79", "CWE-80"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 6.8, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.9, "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-39348"], "modified": "2023-03-08T01:07:00", "cpe": ["cpe:/o:debian:debian_linux:10.0"], "id": "CVE-2022-39348", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39348", "cvss": {"score": 4.9, "vector": "AV:N/AC:M/Au:S/C:P/I:P/A:N"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-08-01T18:23:16", "description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T21:15:00", "type": "cve", "title": "CVE-2022-21716", "cwe": ["CWE-770"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-24T13:47:00", "cpe": ["cpe:/a:oracle:http_server:12.2.1.4.0", "cpe:/a:oracle:http_server:12.2.1.3.0", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:36", "cpe:/o:fedoraproject:fedora:35", "cpe:/a:oracle:zfs_storage_appliance_kit:8.8"], "id": "CVE-2022-21716", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-14T14:17:46", "description": "twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:15:00", "type": "cve", "title": "CVE-2022-21712", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-02-01T15:45:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "cpe:/o:debian:debian_linux:9.0", "cpe:/o:fedoraproject:fedora:35"], "id": "CVE-2022-21712", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*"]}], "ibm": [{"lastseen": "2023-06-24T05:50:27", "description": "## Summary\n\nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cookie and authorization header exposure in Twisted (CVE-2022-21712). Twisted is included in the Python code used in some of our service components. Please read the details for remediation below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-21712](<https://vulners.com/cve/CVE-2022-21712>) \n** DESCRIPTION: **Twisted could allow a remote attacker to obtain sensitive information, caused by a flaw when following cross-origin redirects. By sending a specially-crafted request using the \"twited.web.RedirectAgent\" and \"twisted.web. BrowserLikeRedirectAgent\" functions, an attacker could exploit this vulnerability to obtain cookies and authorization headers information, and use this information to launch further attacks against the affected system. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/219441](<https://exchange.xforce.ibmcloud.com/vulnerabilities/219441>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.0.0 - 4.5.0 \n \n \n \n\n\n \n\n\n## Remediation/Fixes\n\nIBM recommends addressing the vulnerability now by upgrading. \n\nProduct(s)| Version(s) \n| Remediation/Fix/Instructions \n---|---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.5.1| The fix in 4.5.1 applies to all versions listed (4.0.0-4.5.0). Version 4.5.1 can be downloaded and installed from: \n[https://www.ibm.com/docs/en/cloud-pa](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=installing>)[ks/cp-data/4.5.x?topic=installing](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=installing>) \n \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T21:59:00", "type": "ibm", "title": "Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to cookie and authorization header exposure in Twisted (CVE-2022-21712).", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-01-12T21:59:00", "id": "D75D1F4906CB770C70D8213D83CDF4898056CB3A7E61CC2FD073E6E292BFBAD6", "href": "https://www.ibm.com/support/pages/node/6605065", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-24T05:50:09", "description": "## Summary\n\nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerableto a denial of service, caused by a buffer overflow in the peer's SSH version identifier, in Twisted (CVE-2022-21716). Twisted is used as part of the Python code used in some of our service components. Please read the details for remediation below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-21716](<https://vulners.com/cve/CVE-2022-21716>) \n** DESCRIPTION: **Twisted is vulnerable to a denial of service, caused by a buffer overflowin the peer's SSH version identifier. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume available memory and crash the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221053>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.0.0 - 4.0.8 \n \n\n\n## Remediation/Fixes\n\n**Product(s)**| **Version(s) \n**| **Remediation/Fix/Instructions** \n---|---|--- \n**IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data**| **4.0.9**| **The fix in 4.0.9 applies to all versions listed (4.0.0-4.0.8). Version 4.0.9 can be downloaded and installed from: \n<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.0?topic=planning-operator-operand-versions> \n** \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T21:59:00", "type": "ibm", "title": "Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable a denial of service, caused by a buffer overflow with Twisted (CVE-2022-21716)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-01-12T21:59:00", "id": "C4B5E7CAC069DC1C110C3501074FB57C93180DE314A46BDFD9207A94CAF56A9C", "href": "https://www.ibm.com/support/pages/node/6593867", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-24T05:50:12", "description": "## Summary\n\nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in Twisted, caused by a buffer overflow in the peer's SSH version identifier. (CVE-2022-21716). Twisted is used as part of our speech runtime component. Please read the details for remediation below.\n\n## Vulnerability Details\n\n** CVEID: **[CVE-2022-21716](<https://vulners.com/cve/CVE-2022-21716>) \n** DESCRIPTION: **Twisted is vulnerable to a denial of service, caused by a buffer overflowin the peer's SSH version identifier. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to consume available memory and crash the server. \nCVSS Base score: 7.5 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/221053](<https://exchange.xforce.ibmcloud.com/vulnerabilities/221053>) for the current score. \nCVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)\n\n## Affected Products and Versions\n\nAffected Product(s)| Version(s) \n---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.0.0 - 4.5.0 \n \n \n\n\n## Remediation/Fixes\n\nIBM recommends addressing the vulnerability now by upgrading. \n\nProduct(s)| Version(s) \n| Remediation/Fix/Instructions \n---|---|--- \nIBM Watson Speech Services Cartridge for IBM Cloud Pak for Data| 4.5.1| The fix in 4.5.1 applies to all versions listed (4.0.0-4.5.0). Version 4.5.1 can be downloaded and installed from: \n[https://www.ibm.com/docs/en/cloud-pa](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=installing>)[ks/cp-data/4.5.x?topic=installing](<https://www.ibm.com/docs/en/cloud-paks/cp-data/4.5.x?topic=installing>) \n \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T21:59:00", "type": "ibm", "title": "Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service, caused by a buffer overflow in Twisted (CVE-2022-21716)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-01-12T21:59:00", "id": "6AB7786E041E27D2A9F0D51E55B4163291062C56CE924F8A2477EAD09C35569A", "href": "https://www.ibm.com/support/pages/node/6610100", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "alpinelinux": [{"lastseen": "2023-06-23T11:06:05", "description": "twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-07T22:15:00", "type": "alpinelinux", "title": "CVE-2022-21712", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2023-02-01T15:45:00", "id": "ALPINE:CVE-2022-21712", "href": "https://security.alpinelinux.org/vuln/CVE-2022-21712", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-01T19:24:42", "description": "Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-03T21:15:00", "type": "alpinelinux", "title": "CVE-2022-21716", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2023-07-24T13:47:00", "id": "ALPINE:CVE-2022-21716", "href": "https://security.alpinelinux.org/vuln/CVE-2022-21716", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2022-04-18T12:39:45", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for python-Twisted fixes the following issues:\n\n - CVE-2022-21712: Fixed secret exposure in cross-origin redirects by\n properly removing sensitive headers when redirecting to a different\n origin (bsc#1195667).\n\n\nPatch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-499=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-499=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-18T00:00:00", "type": "suse", "title": "Security update for python-Twisted (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21712"], "modified": "2022-02-18T00:00:00", "id": "OPENSUSE-SU-2022:0499-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/233XDDM6URC3DPBBAKQV2AZQY6TBXJRV/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-11-08T04:08:17", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for python-Twisted fixes the following issues:\n\n - CVE-2022-21716: Fixed that ssh server accepts an infinite amount of data\n using all the available memory (bsc#1196739).\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2297=1\n\n - SUSE Linux Enterprise Module for Server Applications 15-SP4:\n\n zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-2297=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-07-06T00:00:00", "type": "suse", "title": "Security update for python-Twisted (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-07-06T00:00:00", "id": "SUSE-SU-2022:2297-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q5ONJTTJDLTJ6LUVVHCPDKG4SR6KAMG7/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-06-14T15:52:40", "description": "An update that fixes one vulnerability is now available.\n\nDescription:\n\n This update for python-Twisted fixes the following issues:\n\n - CVE-2022-21716: Fixed that ssh server accepts an infinite amount of data\n using all the available memory (bsc#1196739).\n\n\nPatch Instructions:\n\n To install this SUSE Security Update use the SUSE recommended installation methods\n like YaST online_update or \"zypper patch\".\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.4:\n\n zypper in -t patch openSUSE-SLE-15.4-2022-2070=1\n\n - openSUSE Leap 15.3:\n\n zypper in -t patch openSUSE-SLE-15.3-2022-2070=1\n\n - SUSE Manager Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2070=1\n\n - SUSE Manager Retail Branch Server 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2070=1\n\n - SUSE Manager Proxy 4.1:\n\n zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2070=1\n\n - SUSE Linux Enterprise Server for SAP 15-SP2:\n\n zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2070=1\n\n - SUSE Linux Enterprise Server 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2070=1\n\n - SUSE Linux Enterprise Server 15-SP2-BCL:\n\n zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2070=1\n\n - SUSE Linux Enterprise Module for Server Applications 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP3-2022-2070=1\n\n - SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP3:\n\n zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP3-2022-2070=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2070=1\n\n - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:\n\n zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2070=1\n\n - SUSE Enterprise Storage 7:\n\n zypper in -t patch SUSE-Storage-7-2022-2070=1", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-06-14T00:00:00", "type": "suse", "title": "Security update for python-Twisted (important)", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-06-14T00:00:00", "id": "SUSE-SU-2022:2070-1", "href": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/A6J4G47IYL643PG6ICAK54KPLLN3SLIR/", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cnvd": [{"lastseen": "2022-11-04T13:21:17", "description": "Twisted is an event-driven open source network engine written in Python. Twisted has security vulnerabilities, and no details of the vulnerabilities are currently available.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-03-04T00:00:00", "type": "cnvd", "title": "Twisted has unspecified vulnerabilities", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21716"], "modified": "2022-03-15T00:00:00", "id": "CNVD-2022-19501", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2022-19501", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oracle": [{"lastseen": "2023-09-22T08:09:14", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 520 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ April 2022 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2857016.1>).\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2022-04-19T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - April 2022", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-1000353", "CVE-2017-14159", "CVE-2017-17740", "CVE-2017-9287", "CVE-2018-1000067", "CVE-2018-1000068", "CVE-2018-1000192", "CVE-2018-1000193", "CVE-2018-1000194", "CVE-2018-1000195", "CVE-2018-11212", "CVE-2018-1285", "CVE-2018-1999001", "CVE-2018-1999002", "CVE-2018-1999003", "CVE-2018-1999004", "CVE-2018-1999005", "CVE-2018-1999007", "CVE-2018-2601", "CVE-2018-6356", "CVE-2018-8032", "CVE-2019-0227", "CVE-2019-1003049", "CVE-2019-1003050", "CVE-2019-10086", "CVE-2019-10247", "CVE-2019-10383", "CVE-2019-10384", "CVE-2019-12086", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-13038", "CVE-2019-13057", "CVE-2019-13565", "CVE-2019-13750", "CVE-2019-13751", "CVE-2019-14822", "CVE-2019-14862", "CVE-2019-16785", "CVE-2019-16786", "CVE-2019-16789", "CVE-2019-16792", "CVE-2019-17195", "CVE-2019-17571", "CVE-2019-18218", "CVE-2019-18276", "CVE-2019-19603", "CVE-2019-20388", "CVE-2019-20838", "CVE-2019-20916", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-3799", "CVE-2019-5827", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10693", "CVE-2020-10878", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11612", "CVE-2020-11971", "CVE-2020-11979", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13434", "CVE-2020-13435", "CVE-2020-13935", "CVE-2020-13936", "CVE-2020-13956", "CVE-2020-14155", "CVE-2020-14340", "CVE-2020-14343", "CVE-2020-15250", "CVE-2020-15358", "CVE-2020-15719", "CVE-2020-16135", "CVE-2020-17521", "CVE-2020-17527", "CVE-2020-17530", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-24977", "CVE-2020-25638", "CVE-2020-25649", "CVE-2020-25659", "CVE-2020-27218", "CVE-2020-28052", "CVE-2020-28196", "CVE-2020-28895", "CVE-2020-29363", "CVE-2020-29582", "CVE-2020-35198", "CVE-2020-35490", "CVE-2020-35491", "CVE-2020-35728", "CVE-2020-36179", "CVE-2020-36180", "CVE-2020-36181", "CVE-2020-36182", "CVE-2020-36183", "CVE-2020-36184", "CVE-2020-36185", "CVE-2020-36186", "CVE-2020-36187", "CVE-2020-36188", "CVE-2020-36189", "CVE-2020-36242", "CVE-2020-36518", "CVE-2020-5245", "CVE-2020-5413", "CVE-2020-5421", "CVE-2020-6950", "CVE-2020-7226", "CVE-2020-7595", "CVE-2020-7760", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8203", "CVE-2020-8231", "CVE-2020-8277", "CVE-2020-8284", "CVE-2020-8285", "CVE-2020-8286", "CVE-2020-8554", "CVE-2020-8908", "CVE-2020-9488", "CVE-2021-20231", "CVE-2021-20232", "CVE-2021-20289", "CVE-2021-21275", "CVE-2021-21290", "CVE-2021-21295", "CVE-2021-21409", "CVE-2021-21703", "CVE-2021-22096", "CVE-2021-22118", "CVE-2021-22132", "CVE-2021-22134", "CVE-2021-22144", "CVE-2021-22145", "CVE-2021-22569", "CVE-2021-22570", "CVE-2021-22696", "CVE-2021-22897", "CVE-2021-22898", "CVE-2021-22901", "CVE-2021-22946", "CVE-2021-22947", "CVE-2021-23017", "CVE-2021-23450", "CVE-2021-2351", "CVE-2021-23839", "CVE-2021-23840", "CVE-2021-23841", "CVE-2021-2427", "CVE-2021-2464", "CVE-2021-2471", "CVE-2021-25219", "CVE-2021-26291", "CVE-2021-27568", "CVE-2021-27645", "CVE-2021-27807", "CVE-2021-27906", "CVE-2021-28168", "CVE-2021-28169", "CVE-2021-28170", "CVE-2021-28657", "CVE-2021-29425", "CVE-2021-29505", "CVE-2021-29921", "CVE-2021-30129", "CVE-2021-30468", "CVE-2021-3156", "CVE-2021-31799", "CVE-2021-31810", "CVE-2021-31811", "CVE-2021-31812", "CVE-2021-3200", "CVE-2021-32066", "CVE-2021-32626", "CVE-2021-32627", "CVE-2021-32628", "CVE-2021-32672", "CVE-2021-32675", "CVE-2021-32687", "CVE-2021-32762", "CVE-2021-32785", "CVE-2021-32786", "CVE-2021-32791", "CVE-2021-32792", "CVE-2021-33037", "CVE-2021-33193", "CVE-2021-33560", "CVE-2021-33574", "CVE-2021-33813", "CVE-2021-33880", "CVE-2021-34429", "CVE-2021-3445", "CVE-2021-3449", "CVE-2021-3450", "CVE-2021-34798", "CVE-2021-35043", "CVE-2021-3517", "CVE-2021-3518", "CVE-2021-3520", "CVE-2021-3521", "CVE-2021-3537", "CVE-2021-35515", "CVE-2021-35516", "CVE-2021-35517", "CVE-2021-35574", "CVE-2021-3572", "CVE-2021-3580", "CVE-2021-35942", "CVE-2021-36084", "CVE-2021-36085", "CVE-2021-36086", "CVE-2021-36087", "CVE-2021-36090", "CVE-2021-36160", "CVE-2021-36373", "CVE-2021-36374", "CVE-2021-3690", "CVE-2021-3711", "CVE-2021-3712", "CVE-2021-37136", "CVE-2021-37137", "CVE-2021-37714", "CVE-2021-3807", "CVE-2021-38153", "CVE-2021-39139", "CVE-2021-39140", "CVE-2021-39141", "CVE-2021-39144", "CVE-2021-39145", "CVE-2021-39146", "CVE-2021-39147", "CVE-2021-39148", "CVE-2021-39149", "CVE-2021-39150", "CVE-2021-39151", "CVE-2021-39152", "CVE-2021-39153", "CVE-2021-39154", "CVE-2021-39275", "CVE-2021-4034", "CVE-2021-40438", "CVE-2021-40690", "CVE-2021-4104", "CVE-2021-41099", "CVE-2021-41164", "CVE-2021-41165", "CVE-2021-41182", "CVE-2021-41183", "CVE-2021-41184", "CVE-2021-4160", "CVE-2021-41617", "CVE-2021-4181", "CVE-2021-4182", "CVE-2021-4183", "CVE-2021-4184", "CVE-2021-4185", "CVE-2021-41973", "CVE-2021-42013", "CVE-2021-42340", "CVE-2021-42392", "CVE-2021-42717", "CVE-2021-43395", "CVE-2021-43527", "CVE-2021-43797", "CVE-2021-43818", "CVE-2021-43859", "CVE-2021-44224", "CVE-2021-44531", "CVE-2021-44532", "CVE-2021-44533", "CVE-2021-44790", "CVE-2021-44832", "CVE-2021-45105", "CVE-2022-0391", "CVE-2022-0778", "CVE-2022-20612", "CVE-2022-20613", "CVE-2022-20614", "CVE-2022-20615", "CVE-2022-21271", "CVE-2022-21375", "CVE-2022-21384", "CVE-2022-21404", "CVE-2022-21405", "CVE-2022-21409", "CVE-2022-21410", "CVE-2022-21411", "CVE-2022-21412", "CVE-2022-21413", "CVE-2022-21414", "CVE-2022-21415", "CVE-2022-21416", "CVE-2022-21417", "CVE-2022-21418", "CVE-2022-21419", "CVE-2022-21420", "CVE-2022-21421", "CVE-2022-21422", "CVE-2022-21423", "CVE-2022-21424", "CVE-2022-21425", "CVE-2022-21426", "CVE-2022-21427", "CVE-2022-21430", "CVE-2022-21431", "CVE-2022-21434", "CVE-2022-21435", "CVE-2022-21436", "CVE-2022-21437", "CVE-2022-21438", "CVE-2022-21440", "CVE-2022-21441", "CVE-2022-21442", "CVE-2022-21443", "CVE-2022-21444", "CVE-2022-21445", "CVE-2022-21446", "CVE-2022-21447", "CVE-2022-21448", "CVE-2022-21449", "CVE-2022-21450", "CVE-2022-21451", "CVE-2022-21452", "CVE-2022-21453", "CVE-2022-21454", "CVE-2022-21457", "CVE-2022-21458", "CVE-2022-21459", "CVE-2022-21460", "CVE-2022-21461", "CVE-2022-21462", "CVE-2022-21463", "CVE-2022-21464", "CVE-2022-21465", "CVE-2022-21466", "CVE-2022-21467", "CVE-2022-21468", "CVE-2022-21469", "CVE-2022-21470", "CVE-2022-21471", "CVE-2022-21472", "CVE-2022-21473", "CVE-2022-21474", "CVE-2022-21475", "CVE-2022-21476", "CVE-2022-21477", "CVE-2022-21478", "CVE-2022-21479", "CVE-2022-21480", "CVE-2022-21481", "CVE-2022-21482", "CVE-2022-21483", "CVE-2022-21484", "CVE-2022-21485", "CVE-2022-21486", "CVE-2022-21487", "CVE-2022-21488", "CVE-2022-21489", "CVE-2022-21490", "CVE-2022-21491", "CVE-2022-21492", "CVE-2022-21493", "CVE-2022-21494", "CVE-2022-21496", "CVE-2022-21497", "CVE-2022-21498", "CVE-2022-21716", "CVE-2022-21824", "CVE-2022-22719", "CVE-2022-22720", "CVE-2022-22721", "CVE-2022-22947", "CVE-2022-22963", "CVE-2022-22965", "CVE-2022-22968", "CVE-2022-23181", "CVE-2022-23221", "CVE-2022-23302", "CVE-2022-23305", "CVE-2022-23307", "CVE-2022-23437", "CVE-2022-23852", "CVE-2022-23943", "CVE-2022-23990", "CVE-2022-24329", "CVE-2022-25235", "CVE-2022-25236", "CVE-2022-25313", "CVE-2022-25314", "CVE-2022-25315"], "modified": "2022-06-16T00:00:00", "id": "ORACLE:CPUAPR2022", "href": "https://www.oracle.com/security-alerts/cpuapr2022.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}

GLSA-202301-02 : Twisted: Multiple Vulnerabilities

Description

Related