Twisted@22.2.0rc1 vulnerabilities
An asynchronous networking framework written in Python
-
latest version
24.3.0
-
latest non vulnerable version
-
first published
19 years ago
-
latest version published
2 months ago
-
licenses detected
- [2.1.0,)
Direct Vulnerabilities
Known vulnerabilities in the Twisted package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') when sending multiple HTTP requests in one TCP packet, the How to fix Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')? Upgrade |
[,23.10.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Header Injection via the How to fix HTTP Header Injection? Upgrade |
[,22.10.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Request Smuggling in the How to fix HTTP Request Smuggling? Upgrade |
[,22.4.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Denial of Service (DoS) by accepting an infinite amount of data for the peer's SSH version identifier. it is possible to be exploited via SSH transport due to a lack of validation for user data.
The attack is as simple as How to fix Denial of Service (DoS)? Upgrade |
[22.1.0,22.2.0)
|