Vulnerabilities > Twisted > Twisted > 17.1.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-07-29 | CVE-2024-41810 | Cross-site Scripting vulnerability in Twisted Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 6.1 |
2023-10-25 | CVE-2023-46137 | HTTP Request Smuggling vulnerability in Twisted Twisted is an event-based framework for internet applications. | 5.3 |
2022-10-26 | CVE-2022-39348 | Twisted is an event-based framework for internet applications. | 5.4 |
2022-04-04 | CVE-2022-24801 | Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 8.1 |
2022-02-07 | CVE-2022-21712 | twisted is an event-driven networking engine written in Python. | 7.5 |
2020-03-12 | CVE-2020-10109 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
2020-03-12 | CVE-2020-10108 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
2019-06-16 | CVE-2019-12855 | Improper Certificate Validation vulnerability in Twisted In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. | 7.4 |
2019-06-10 | CVE-2019-12387 | Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | 6.1 |