RHEL 7 : python-twisted-web (RHSA-2022:4930)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:4930 advisory. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted...

openSUSE: Security Advisory for python-Twisted (SUSE-SU-2022:1477-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Updated python-twisted packages fix security vulnerability

CVE-2022-21712: It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21716: It was discovered that Twisted incorrectly processed SSH handshake data on...

SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:1546-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1546-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1....

SUSE: Security Advisory (SUSE-SU-2022:1546-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:1546-1 Security update for python-Twisted

This update for python-Twisted fixes the following issues: - CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. bsc1198086...

SUSE: Security Advisory (SUSE-SU-2022:1477-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : Red Hat OpenStack Platform 16.1 (python-twisted) (RHSA-2022:1646)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1646 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...

SUSE SLES15 Security Update : python-Twisted (SUSE-SU-2022:1477-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1477-1 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1....

SUSE-SU-2022:1477-1 Security update for python-Twisted

This update for python-Twisted fixes the following issues: - CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. bsc1198086...

python-twisted: possible http request smuggling

A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.1 (python-twisted) security update

An update for python-twisted is now available for Red Hat OpenStack Platform 16.1 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (python-twisted) security update

An update for python-twisted is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

python-twisted: possible http request smuggling

A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-twisted) (RHSA-2022:1645)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:1645 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...

CVE-2020-10108 affecting package python-twisted for versions less than 22.2.0-1

CVE-2020-10108 affecting package python-twisted for versions less than 22.2.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2019-12855 affecting package python-twisted for versions less than 22.2.0-1

CVE-2019-12855 affecting package python-twisted for versions less than 22.2.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-21712 affecting package python-twisted for versions less than 22.2.0-1

CVE-2022-21712 affecting package python-twisted for versions less than 22.2.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2020-10109 affecting package python-twisted for versions less than 22.2.0-1

CVE-2020-10109 affecting package python-twisted for versions less than 22.2.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2022-24801

A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTT...