Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2022-39348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host...

5.4CVSS6.2AI score0.01156EPSS
Exploits1References2
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.28 views

CVE-2022-39348 affecting package python-twisted 20.3.0-4

CVE-2022-39348 affecting package python-twisted 20.3.0-4. No patch is available currently...

5.4CVSS7.5AI score0.01156EPSS
Exploits1
Debian
Debian
added 2024/11/28 3:34 p.m.16 views

[SECURITY] [DLA 3970-1] twisted security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3970-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 28, 2024 https://wiki.debian.org/LTS -...

8.3CVSS6.8AI score0.01156EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2024/11/28 12:0 a.m.16 views

Debian dla-3970 : python3-twisted - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3970 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3970-1 [email protected]...

8.3CVSS6.1AI score0.01156EPSS
Exploits2References10
IBM Security Bulletins
IBM Security Bulletins
added 2024/01/31 11:29 p.m.39 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an HTTP header injection in Twisted [CVE-2022-39348]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an HTTP header injection in Twisted, caused by improper validation of input by the NameVirtualHost Host header CVE-2022-39348. Twisted is used as a component of our Speech runtimes. This vulnerabilitiy has be...

5.4CVSS5.6AI score0.01156EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2024/01/11 12:0 a.m.23 views

Ubuntu: Security Advisory (USN-6575-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.4CVSS5.8AI score0.01156EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2024/01/10 1:39 p.m.66 views

USN-6575-1: Twisted vulnerabilities

It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-39348 It was discovered that Twisted...

5.4CVSS6.4AI score0.01156EPSS
Exploits2
OSV
OSV
added 2024/01/10 1:39 p.m.11 views

USN-6575-1 twisted vulnerabilities

It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly use this issue to perform HTML and script injection attacks. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-39348 It was discovered that Twisted...

5.4CVSS6.4AI score0.01156EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.38 views

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Twisted vulnerabilities (USN-6575-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6575-1 advisory. It was discovered that Twisted incorrectly escaped host headers in certain 404 responses. A remote attacker could possibly us...

5.4CVSS6.5AI score0.01156EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/04/06 12:0 a.m.38 views

Amazon Linux AMI : python-twisted-web (ALAS-2023-1717)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1717 advisory. A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length...

8.1CVSS6.6AI score0.028EPSS
Exploits1References6
Amazon
Amazon
added 2023/04/05 12:0 a.m.73 views

Important: python-twisted-web

Issue Overview: A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass...

8.1CVSS7AI score0.028EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/04/05 12:0 a.m.25 views

Amazon Linux 2 : python-twisted-web (ALAS-2023-2008)

The version of python-twisted-web installed on the remote host is prior to 12.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2008 advisory. Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does no...

5.4CVSS6.4AI score0.01156EPSS
Exploits1References4
Amazon
Amazon
added 2023/03/22 12:0 a.m.3 views

Medium: python-twisted

Issue Overview: Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowi...

5.4CVSS5.9AI score0.01156EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.28 views

Amazon Linux 2023 : python3-twisted, python3-twisted+tls (ALAS2023-2023-130)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-130 advisory. Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResourc...

5.4CVSS6.3AI score0.01156EPSS
Exploits1References4
Mageia
Mageia
added 2023/02/27 8:27 p.m.33 views

Updated python-twisted packages fix security vulnerability

When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. CVE-2022-39348...

5.4CVSS0.9AI score0.01156EPSS
Exploits1References4
OSV
OSV
added 2023/02/27 8:27 p.m.6 views

MGASA-2023-0061 Updated python-twisted packages fix security vulnerability

When the host header does not match a configured host twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. CVE-2022-39348...

5.4CVSS5.8AI score0.01156EPSS
Exploits1References5
CBLMariner
CBLMariner
added 2023/01/03 9:3 p.m.22 views

CVE-2022-39348 affecting package python-twisted for versions less than 22.10.0-2

CVE-2022-39348 affecting package python-twisted for versions less than 22.10.0-2. An upgraded version of the package is available that resolves this issue...

5.4CVSS5.9AI score0.01156EPSS
Exploits1
Debian
Debian
added 2022/11/28 3:38 p.m.49 views

[SECURITY] [DLA 3212-1] twisted security update

Debian LTS Advisory DLA-3212-1 [email protected] https://www.debian.org/lts/security/ Dominik George November 28, 2022 https://wiki.debian.org/LTS Package : twisted Version : 18.9.0-3+deb10u2 CVE ID : CVE-2022-39348 Debian Bug : It was discovered that twisted, a framework for internet...

5.4CVSS6.3AI score0.01156EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/11/28 12:0 a.m.38 views

Debian dla-3212 : python-twisted - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3212 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3212-1 [email protected] https://www.debian.org/lts/security/...

5.4CVSS6.3AI score0.01156EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2022/11/21 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2022:4074-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7AI score0.04083EPSS
Exploits3References2
Rows per page
Query Builder