OESA-2023-1910 python-twisted security update

🗓️ 15 Dec 2023 11:06:28Reported by GoogleType

osv

osv🔗 osv.dev👁 1 Views

Twisted security update fixes unescaped Host header in 404 responses when host does not match.

Reporter	Title	Published	Views	Family All 73
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an HTTP header injection in Twisted [CVE-2022-39348]	31 Jan 202423:29	–	ibm
Tenable Nessus	Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-130)	21 Mar 202300:00	–	nessus
Tenable Nessus	Amazon Linux 2 : python-twisted-web (ALAS-2023-2008)	5 Apr 202300:00	–	nessus
Tenable Nessus	Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)	6 Apr 202300:00	–	nessus
Tenable Nessus	Debian dla-3212 : python-twisted - security update	28 Nov 202200:00	–	nessus
Tenable Nessus	Debian dla-3970 : python3-twisted - security update	28 Nov 202400:00	–	nessus
Tenable Nessus	GLSA-202301-02 : Twisted: Multiple Vulnerabilities	11 Jan 202300:00	–	nessus
Tenable Nessus	RHEL 8 : python-twisted (Unpatched Vulnerability)	3 Jun 202400:00	–	nessus
Tenable Nessus	Oracle Solaris Critical Patch Update : jul2023_SRU11_4_57_144_3	20 Jul 202300:00	–	nessus
Tenable Nessus	SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:4000-1)	16 Nov 202200:00	–	nessus

Source	Link
openeuler	www.openeuler.org/en/security/safety-bulletin/detail.html
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-39348

03 Sep 2025 06:18Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.15.4

EPSS0.01199

SSVC

host header vulnerability unescaped host not found responses twisted update