2 matches found
AZL-35140 CVE-2023-46137 affecting package python-twisted for versions less than 22.10.0-4
Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web will process the requests asynchronously without guaranteeing the response order. If one of the endpoints is controlled by an attacker, th...
Twisted Environmental Issues Vulnerability
Twisted is an event-driven open source web engine written in the Python language. A security vulnerability exists in versions prior to Twisted 23.10.0rc1, which stems from the fact that when multiple HTTP requests are sent in a single TCP packet, twisted.web processes the requests asynchronously...