Vulnerabilities > Twistedmatrix > Twisted > 16.3.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-25 | CVE-2023-46137 | HTTP Request Smuggling vulnerability in Twistedmatrix Twisted Twisted is an event-based framework for internet applications. | 5.3 |
| 2022-10-26 | CVE-2022-39348 | Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in multiple products Twisted is an event-based framework for internet applications. | 5.4 |
| 2022-04-04 | CVE-2022-24801 | HTTP Request Smuggling vulnerability in multiple products Twisted is an event-based framework for internet applications, supporting Python 3.6+. | 8.1 |
| 2022-02-07 | CVE-2022-21712 | Information Exposure vulnerability in multiple products twisted is an event-driven networking engine written in Python. | 7.5 |
| 2020-03-12 | CVE-2020-10109 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
| 2020-03-12 | CVE-2020-10108 | HTTP Request Smuggling vulnerability in multiple products In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. | 9.8 |
| 2019-06-16 | CVE-2019-12855 | Improper Certificate Validation vulnerability in Twistedmatrix Twisted In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. | 7.4 |
| 2019-06-10 | CVE-2019-12387 | Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | 6.1 |