3 matches found
SUSE SLES12 Security Update : python-Twisted (SUSE-SU-2022:1546-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1546-1 advisory. - CVE-2022-24801: Fixed to not be as lenient as earlier HTTP/1.1 RFCs to prevent HTTP request smuggling. bsc1198086 Tenable has extracted th...
GHSA-C2JG-HW38-JRQQ Inconsistent Interpretation of HTTP Requests in twisted.web
The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...
Inconsistent Interpretation of HTTP Requests in twisted.web
The Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230: 1. The Content-Length header value could have a + or - prefix. 2. Illegal characters were permitted in chunked extensions, such as the LF \n...