170 matches found
Amazon Linux 2022 : python3-twisted, python3-twisted+tls (ALAS2022-2022-046)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-046 advisory. An uncontrolled resource consumption flaw was found in python-twisted in the dataReceived function. This flaw allows an unauthenticated, remote attacker to send a simple command to use all available...
SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:2297-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2297-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server...
SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:2117-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:2117-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server...
[SECURITY] Fedora 35 Update: python3.6-3.6.15-3.fc35
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
[SECURITY] Fedora 36 Update: python3.6-3.6.15-9.fc36
Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software...
Fedora: Security Advisory for python3.6 (FEDORA-2022-4b0dfda810)
The remote host is missing an update for the ... Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
[SECURITY] Fedora 36 Update: python-fastapi-0.75.2-1.fc36
FastAPI is a modern, fast (high-performance) web framework for building APIs with Python 3.6+ based on standard Python type hints. The key features are: Fast: Very high performance, on par with NodeJS and Go thanks to Starlette and Pydantic. One of the fastest Python...
CVE-2022-24801 HTTP Request Smuggling in twisted.web
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...
CVE-2022-24801
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...
Ubuntu 18.04 LTS / 20.04 LTS : Twisted vulnerabilities (USN-5354-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5354-1 advisory. It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could...
Fedora: Security Advisory for python-fastapi (FEDORA-2022-dbf6e00ba8)
The remote host is missing an update for the ... Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
Debian DLA-2938-1 : twisted - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2938 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implementations are able to accept an...
Design/Logic Flaw
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implementations are able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attack...
PYSEC-2022-160
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implementations are able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attack...
CVE-2022-21716 Buffer Overflow in Twisted
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implementations are able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attack...
CVE-2022-21716
CVE-2022-21716 affects Twisted (Python, event-driven networking framework). The issue arises in Twisted SSH client/server where, prior to 22.2.0, the peer SSH version identifier can be fed an unlimited amount of data, causing a memory-exhaustion vulnerability (buffer growth). The example of explo...
Scylla - The Simplistic Information Gathering Engine | Find Advanced Information On A Username, Website, Phone Number, Etc
Notice For Deprecation This project is no longer being worked on by the developer. As of today, the program has many flaws and is not up to modern OSINT standards. A lot of APIs utilized within Scylla are no longer working as they did when the project was first released. The developer wrote Scyll...
vault-cli injection vulnerability
vault-cli is a Python 3.6 tool that provides simple interactions to manipulate secrets from Hashicorp Vault. vault-cli is vulnerable to an injection vulnerability in versions prior to 3.0.0, which stems from the failure of a network system or product to properly filter special elements in code...
Oracle Linux 8 : python36:3.6 (ELSA-2021-4150)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-4150 advisory. python-docs 3.6.7-2 - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz1695587 3.6.7-1 - Modify for RHEL8 - Update to new Python...