35 matches found
MiracleLinux 7 : python-twisted-web-12.1.0-8.el7 (AXSA:2022-3204:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3204:01 advisory. python-twisted: possible http request smuggling CVE-2022-24801 Tenable has extracted the preceding description block directly from the MiracleLinux security...
BELL-CVE-2022-24801 CVE-2022-24801 does not affect BellSoft software
Bulletin has no description...
Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1717 advisory. A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length...
Important: python-twisted-web
Issue Overview: A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass...
CBL Mariner 2.0 Security Update: python-twisted (CVE-2022-24801)
The version of python-twisted installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-24801 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an HTTP request smuggling issue in Twisted (CVE-2022-24801).
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to HTTP request smuggling in Twisted CVE-2022-24801. By using header manipulation, an attacker could exploit this vulnerability to poison a web-cache, perform an XSS attack. Twisted is used as part of our speech...
CVE-2022-24801 affecting package python-twisted for versions less than 22.10.0-1
CVE-2022-24801 affecting package python-twisted for versions less than 22.10.0-1. This CVE either no longer is or was never applicable...
Ubuntu 22.04 LTS : Twisted vulnerability (USN-5576-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5576-1 advisory. It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a...
Amazon Linux 2 : python-twisted-web (ALAS-2022-1827)
The version of python-twisted-web installed on the remote host is prior to 12.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1827 advisory. A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the...
Fedora: Security Advisory for python-twisted (FEDORA-2022-9a489fa494)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for python-twisted (FEDORA-2022-71b66d4747)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2022-24801 affecting package python-twisted 20.3.0-2
CVE-2022-24801 affecting package python-twisted 20.3.0-2. A patched version of the package is available...
Scientific Linux Security Update : python-twisted-web on SL7.x x86_64 (2022:4930)
The remote Scientific Linux 7 host has a package installed that is affected by a vulnerability as referenced in the SLSA-2022:4930-1 advisory. - python-twisted: possible http request smuggling CVE-2022-24801 Note that Nessus has not tested for this issue but has instead relied only on the...
python-twisted-web security update
12.1.0-8 - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114...
Important: Red Hat Security Advisory: python-twisted-web security update
An update for python-twisted-web is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Oracle Linux 7 : python-twisted-web (ELSA-2022-4930)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-4930 advisory. - Security fix for CVE-2022-24801: Possible http request smuggling Resolves: rhbz2073114 - Fix CVE-2020-10108 and CVE-2020-10109 multiple HTTP request smuggling...
RHEL 7 : python-twisted-web (RHSA-2022:4930)
The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:4930 advisory. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted...
openSUSE: Security Advisory for python-Twisted (SUSE-SU-2022:1477-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Updated python-twisted packages fix security vulnerability
CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...
Debian DLA-2991-1 : twisted - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2991 advisory. The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conforma...