Linux Distros Unpatched Vulnerability : CVE-2026-42304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 26.4.0rc2, the twisted.names module is vulnerable to a Denial of...

2adif (=0.1.0), 3robotics (=0.0.1) +1440 more potentially affected by CVE-2026-42304 via twisted (=26.4.0)

twisted PYPI version =26.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on twisted and may be impacted: - 2adif =0.1.0 - 3robotics =0.0.1 - abaci-users =0.1.0 - achilles =0.0.12, =3.0.9, =3.0.0, =0.1.0, =23.12.0rc1, =0.10.0, =0.0.1, =3.0.0, =0.1.4,...

Astra Linux – Vulnerability in Twisted

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF...

Astra Linux – Vulnerability in Twisted

Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP requests in one TCP packet, twisted.web would process the requests asynchronously, without guaranteeing the order of responses. If either of the endpoints was controlled by an...

Security Bulletin: Vulnerability Werkzeug, Twisted-22.10.0-py3, requests-2.32.2-py3, commons-lang-2.6, commons-fileupload-1.5, urllib3-2.2.2, jetty-server-9.4.56.v20240826 affect IBM Cloud Object Storage Systems (Oct 2025)

Summary Vulnerability with Werkzeug CVE-2024-34069, CVE-2023-46136 ,CVE-2024-49767, CVE-2024-49766 Twisted-22.10.0-py3 CVE-2024-41810, CVE-2023-46137, CVE-2024-41671, requests-2.32.2-py3 CVE-2024-47081, urllib3-2.2.2 CVE-2025-50182,CVE-2025-501810 commons-lang-2.6CVE-2025-48924,...

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted [CVE-2024-41671]

Summary IBM Watson Speech Services Cartridge is vulnerable to a sensitive information exposure in Twisted, caused by a flaw in HTTP 1.0 and 1.1 server CVE-2024-41671. Twisted is used by our Speech Runtimes. This vulnerabilitiy has been addressed. Please read the details for remediation below...

CBL Mariner 2.0 Security Update: python-twisted (CVE-2023-46137)

The version of python-twisted installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46137 advisory. - Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when...

Azure Linux 3.0 Security Update: python-twisted (CVE-2024-41810)

The version of python-twisted installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41810 advisory. - Twisted is an event-based framework for internet applications, supporting Python 3.6+. The...

USN-6988-2 twisted vulnerability

USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Ben Kallus discovered that Twisted incorrectly handled...

USN-6988-2: Twisted vulnerability

USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Ben Kallus discovered that Twisted incorrectly handled...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Twisted vulnerability (USN-6988-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6988-2 advisory. USN-6988-1 fixed CVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the...

adyanutils (>=0.4.0 <=0.8.6), apricot-server (>=0.0.1 <=0.1.1) +128 more potentially affected by CVE-2024-4167 +1 more via twisted (>=20.3.0 <=24.7.0)

twisted PYPI version =20.3.0, =0.4.0, =0.0.1, =0.2.0, =3.4.1, =1.5.0, =1.5.0, =0.2.0, =0.0.2, =1.9.0, =0.2.86, =202406.1129.0, =3.9.2, =1.0.0, =1.1.0 and more Source cves: CVE-2024-4167, CVE-2024-41671 Source advisory: OSV:GHSA-C8M8-J448-XJX7...

adyanutils (>=0.4.0 <=0.8.6), apricot-server (>=0.0.1 <=0.1.1) +128 more potentially affected by CVE-2024-41810 via twisted (>=20.3.0 <=24.7.0)

twisted PYPI version =20.3.0, =0.4.0, =0.0.1, =0.2.0, =3.4.1, =1.5.0, =1.5.0, =0.2.0, =0.0.2, =1.9.0, =0.2.86, =202406.1129.0, =3.9.2, =1.0.0, =1.1.0 and more Source cves: CVE-2024-41810 Source advisory: OSV:PYSEC-2024-75...

adyanutils (>=0.4.0 <=0.8.6), apricot-server (>=0.0.6 <=0.1.1) +109 more potentially affected by CVE-2023-46137 via twisted (>=20.3.0 <=23.10.0)

twisted PYPI version =20.3.0, =0.4.0, =0.0.6, =0.2.0, =3.4.1, =1.5.0, =1.5.0, =0.2.0, =0.0.2, =3.9.2, =1.0.0, =0.1.0.dev2, =0.3.4, =1.0.1 and more Source cves: CVE-2023-46137 Source advisory: OSV:PYSEC-2023-224...

ayugespidertools (>=3.4.1 <=3.9.5), baotool (=1.0.1) +129 more potentially affected by CVE-2022-39348 via twisted (>=16.0.0 <=22.10.0)

twisted PYPI version =16.0.0, =3.4.1, =1.5.0, =0.2.0, =0.0.2, =3.9.2, =0.1.0.dev2, =0.3.4, =0.1.0, =18.4.0, =1.1.2.post3, =1.2.0.post1 and more Source cves: CVE-2022-39348 Source advisory: OSV:GHSA-VG46-2RRJ-3647...

Ubuntu 22.04 LTS : Twisted vulnerability (USN-5576-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-5576-1 advisory. It was discovered that Twisted incorrectly parsed some types of HTTP requests in its web server implementation. In certain proxy or multi-server configurations, a...

adyanutils (>=0.4.0 <=0.8.6), ayugespidertools (>=3.4.1 <=3.9.5) +87 more potentially affected by CVE-2022-24801 via twisted (>=20.3.0 <=22.2.0)

twisted PYPI version =20.3.0, =0.4.0, =3.4.1, =1.5.0, =1.5.0, =0.2.0, =0.0.2, =3.9.2, =0.1.0.dev2, =0.3.4, =20.0.0, =1.1.2.post3, =3.2.2, =0.1.0, =0.1.1 and more Source cves: CVE-2022-24801 Source advisory: OSV:PYSEC-2022-195...

UBUNTU-CVE-2022-24801

Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the twisted.web.http module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing...

Twisted 环境问题漏洞

Twisted is an event-driven open source web engine written in the Python language. Twisted suffers from an environmental issue vulnerability that stems from the fact that prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server was located in the Twisted. Web HTTP module, which parses several...

adyanutils (>=0.4.0 <=0.8.6), ayugespidertools (>=3.4.1 <=3.9.5) +53 more potentially affected by CVE-2022-21716 via twisted (>=21.7.0 <=22.1.0)

twisted PYPI version =21.7.0, =0.4.0, =3.4.1, =1.6.0, =0.2.0, =3.9.2, =0.1.0.dev2, =21.0.0, =1.1.2.post3, =0.1.0, =0.4.0, =0.7.2, =1.0.0, =1.0.0, =2.0.5 and more Source cves: CVE-2022-21716 Source advisory: OSV:PYSEC-2022-160...