Vulnerabilities > Twisted > Twisted > 16.5.0

DATE CVE VULNERABILITY TITLE RISK
2024-07-29 CVE-2024-41810 Cross-site Scripting vulnerability in Twisted
Twisted is an event-based framework for internet applications, supporting Python 3.6+.
network
low complexity
twisted CWE-79
6.1
2023-10-25 CVE-2023-46137 HTTP Request Smuggling vulnerability in Twisted
Twisted is an event-based framework for internet applications.
network
low complexity
twisted CWE-444
5.3
2022-10-26 CVE-2022-39348 Twisted is an event-based framework for internet applications.
network
low complexity
twisted debian
5.4
2022-04-04 CVE-2022-24801 Twisted is an event-based framework for internet applications, supporting Python 3.6+.
network
high complexity
twisted debian fedoraproject oracle
8.1
2022-02-07 CVE-2022-21712 twisted is an event-driven networking engine written in Python.
network
low complexity
twisted debian fedoraproject
7.5
2020-03-12 CVE-2020-10109 HTTP Request Smuggling vulnerability in multiple products
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability.
network
low complexity
twisted fedoraproject debian canonical CWE-444
critical
9.8
2020-03-12 CVE-2020-10108 HTTP Request Smuggling vulnerability in multiple products
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability.
network
low complexity
twisted fedoraproject debian canonical oracle CWE-444
critical
9.8
2019-06-16 CVE-2019-12855 Improper Certificate Validation vulnerability in Twisted
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
network
high complexity
twisted CWE-295
7.4
2019-06-10 CVE-2019-12387 Injection vulnerability in multiple products
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
network
low complexity
twisted fedoraproject canonical oracle CWE-74
6.1