Lucene search
K

26 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/05/01 7:35 p.m.10 views

Security Bulletin: IBM Watson Speech Services Cartridge v4.8.8 is vulnerable to a sensitive information exposure in Twisted [CVE-2024-41671]

Summary IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted, caused by a flaw in HTTP 1.0 and 1.1 server CVE-2024-41671. Twisted is used by our Speech Service runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation...

8.3CVSS5.8AI score0.00856EPSS
Exploits0Affected Software1
Amazon
Amazon
added 2025/03/26 12:0 a.m.6 views

Medium: python-twisted

Issue Overview: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1...

8.3CVSS6.8AI score0.00856EPSS
Exploits0
Amazon
Amazon
added 2025/03/26 12:0 a.m.11 views

Medium: python-twisted

Issue Overview: Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1...

8.3CVSS6.4AI score0.00856EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 2:56 p.m.9 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted [CVE-2024-41671]

Summary IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted, caused by a flaw in HTTP 1.0 and 1.1 server CVE-2024-41671. Twisted is used by our Speech Runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below...

8.3CVSS5.8AI score0.00856EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.14 views

openSUSE Security Advisory (SUSE-SU-2024:2860-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.01176EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.7 views

openSUSE Security Advisory (SUSE-SU-2024:2880-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.01176EPSS
Exploits0References5
OSV
OSV
added 2025/02/12 6:37 a.m.16 views

MGASA-2025-0054 Updated python-twisted packages fix security vulnerabilities

Twisted.web has disordered HTTP pipeline response. CVE-2023-46137 Twisted.web has disordered HTTP pipeline response. CVE-2024-41671 HTML injection in HTTP redirect body. CVE-2024-41810...

8.3CVSS6.7AI score0.01176EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: python-twisted (CVE-2024-41671)

The version of python-twisted installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41671 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0...

8.3CVSS7.8AI score0.00856EPSS
Exploits0References2
Debian
Debian
added 2024/11/28 3:34 p.m.16 views

[SECURITY] [DLA 3970-1] twisted security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3970-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler November 28, 2024 https://wiki.debian.org/LTS -...

8.3CVSS6.8AI score0.01176EPSS
Exploits2
OpenVAS
OpenVAS
added 2024/11/28 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-6988-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS7.1AI score0.00856EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2024/11/26 6:25 p.m.241 views

USN-6988-2: Twisted vulnerability

USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Ben Kallus discovered that Twisted incorrectly handled...

8.3CVSS7.9AI score0.00856EPSS
Exploits0
Debian
Debian
added 2024/10/25 6:12 p.m.24 views

[SECURITY] [DSA 5797-1] twisted security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5797-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2024 https://www.debian.org/security/faq -...

8.3CVSS7.3AI score0.01176EPSS
Exploits1
OpenVAS
OpenVAS
added 2024/09/05 12:0 a.m.16 views

Ubuntu: Security Advisory (USN-6988-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.01176EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/04 12:0 a.m.23 views

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Twisted vulnerabilities (USN-6988-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6988-1 advisory. It was discovered that Twisted incorrectly handled response order when processing multiple HT...

8.3CVSS6.5AI score0.01176EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/08/19 12:0 a.m.31 views

CBL Mariner 2.0 Security Update: python-twisted (CVE-2024-41671)

The version of python-twisted installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41671 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0...

8.3CVSS7.8AI score0.00856EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/08/18 2:44 p.m.21 views

CVE-2024-41671 affecting package python-twisted for versions less than 22.10.0-3

CVE-2024-41671 affecting package python-twisted for versions less than 22.10.0-3. A patched version of the package is available...

8.3CVSS6.9AI score0.00856EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/08/14 8:43 p.m.20 views

CVE-2024-41671 affecting package python-twisted for versions less than 22.10.0-3

CVE-2024-41671 affecting package python-twisted for versions less than 22.10.0-3. A patched version of the package is available...

8.3CVSS6.9AI score0.00856EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/08/13 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2024:2880-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.01176EPSS
Exploits0References5
OSV
OSV
added 2024/08/12 3:39 p.m.23 views

SUSE-SU-2024:2880-1 Security update for python-Twisted

This update for python-Twisted fixes the following issues: - CVE-2024-41671: Fixed an information disclosure due to HTTP requests processed out-of-order bsc1228549 - CVE-2024-41810: Fixed reflected XSS via HTML injection in redirect response bsc1228552...

8.3CVSS5.9AI score0.01176EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/08/12 12:0 a.m.17 views

SUSE: Security Advisory (SUSE-SU-2024:2860-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS6.6AI score0.01176EPSS
Exploits0References5
Rows per page
Query Builder