AZL-47073 CVE-2024-41810 affecting package python-twisted for versions less than 22.10.0-3

🗓️ 29 Jul 2024 16:15:05Reported by GoogleType

osv🔗 osv.dev👁 2 Views

CVE-2024-41810 affects python-twisted below 22.10.0-3; redirectTo HTML injection can cause reflected cross site scripting.

Reporter	Title	Published	Views	Family All 78
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to cross-site scripting in Twisted [CVE-2024-41810]	1 May 202519:37	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)	24 Oct 202515:45	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to cross-site scripting in Twisted [CVE-2024-41810]	27 Feb 202514:58	–	ibm
Tenable Nessus	Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2024-746)	31 Oct 202400:00	–	nessus
Tenable Nessus	Azure Linux 3.0 Security Update: python-twisted (CVE-2024-41810)	10 Feb 202500:00	–	nessus
Tenable Nessus	Debian dla-3970 : python3-twisted - security update	28 Nov 202400:00	–	nessus
Tenable Nessus	Debian dsa-5797 : python3-twisted - security update	25 Oct 202400:00	–	nessus
Tenable Nessus	CBL Mariner 2.0 Security Update: python-twisted (CVE-2024-41810)	19 Aug 202400:00	–	nessus
Tenable Nessus	RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:7312)	27 Sep 202400:00	–	nessus
Tenable Nessus	SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2024:2732-1)	6 Aug 202400:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2024-41810

21 Apr 2026 04:32Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.1

EPSS0.67844