CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в twisted

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request...

9.8CVSS6.9AI score0.02327EPSS

Exploits1References2

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в twisted

Twisted is an event-based framework for internet applications, compatible with Python 3.6+. Before version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than allowed by RFC 7230. This non-conformant parsin...

8.1CVSS7.1AI score0.01107EPSS

Exploits0References2

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в twisted

In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request...

9.8CVSS6.9AI score0.02324EPSS

Exploits1References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 7 : python-twisted-web-12.1.0-8.el7 (AXSA:2022-3204:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3204:01 advisory. python-twisted: possible http request smuggling CVE-2022-24801 Tenable has extracted the preceding description block directly from the MiracleLinux security...

8.1CVSS8.4AI score0.01107EPSS

Exploits0References2

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 4 : python-twisted-web-8.2.0-6.AXS4 (AXSA:2020-036:02)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-036:02 advisory. python-twisted: HTTP request smuggling when presented with two Content-Length headers CVE-2020-10108 Tenable has extracted the preceding description block...

9.8CVSS8.5AI score0.02324EPSS

Exploits1References2

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 4 : python-twisted-web-8.2.0-5.AXS4 (AXSA:2016-689:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-689:01 advisory. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Pytho...

5.3CVSS5.5AI score0.00581EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-0229

Malware in sbrugna...

9.8CVSS7.9AI score0.02327EPSS

Exploits1References23

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-0228

Malware in sbrugna...

9.8CVSS8.3AI score0.02324EPSS

Exploits1References26

Redos•added 2025/09/22 12:0 a.m.•1 views

ROS-20250922-08

Twisted Web HTTP 1.1 server vulnerability in the twisted.web.http module of the Twisted networking framework is related to the HTTP request processing flaws. Exploitation of the vulnerability allows an attacker acting remotely to gain access to confidential data. remotely to gain access to...

8.3CVSS6.8AI score0.0367EPSS

Exploits1

Redos•added 2025/09/05 12:0 a.m.•3 views

ROS-20250905-02

A vulnerability in the twisted.web component of the Twisted networking framework is related to inconsistent interpretation of HTTP requests. interpretation of HTTP requests. Exploitation of the vulnerability could allow an attacker acting remotely affect the integrity of protected information as ...

5.3CVSS6.8AI score0.0074EPSS

Exploits1

Positive Technologies•added 2025/08/05 12:0 a.m.•3 views

PT-2025-31952 · Unknown · Twisted Web

Name of the Vulnerable Software and Affected Versions: TwistedWeb version 14.0.0 Description: A command injection issue exists in TwistedWeb due to improper input sanitization in the file upload functionality. An attacker can exploit this by sending a specially crafted HTTP PUT request to upload ...

6.5CVSS8.4AI score0.00845EPSS

Exploits1References6

Redos•added 2025/03/26 12:0 a.m.•4 views

ROS-20250326-06

A vulnerability in the Twisted Web component of the Twisted networking framework is related to insufficient input data validation when processing HTTP headers. data when processing HTTP headers. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

9.8CVSS7AI score0.02327EPSS

Exploits2

Tenable Nessus•added 2025/03/05 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-24801

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in t...

8.1CVSS7.2AI score0.01107EPSS

Exploits0References1

Microsoft CVE•added 2025/02/14 8:0 a.m.•0 views

twisted.web has disordered HTTP pipeline response

...

5.3CVSS5.8AI score0.0074EPSS

Exploits1

Mageia•added 2025/02/12 6:37 a.m.•66 views

Updated python-twisted packages fix security vulnerabilities

Twisted.web has disordered HTTP pipeline response. CVE-2023-46137 Twisted.web has disordered HTTP pipeline response. CVE-2024-41671 HTML injection in HTTP redirect body. CVE-2024-41810...

8.3CVSS6.5AI score0.67844EPSS

Exploits1References4

Amazon•added 2024/10/31 12:0 a.m.•3 views

Medium: python-twisted

Issue Overview: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The twisted.web.util.redirectTo function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected...

6.1CVSS6.4AI score0.67844EPSS

Exploits0