twisted@17.9.0 vulnerabilities
An asynchronous networking framework written in Python
-
latest version
24.3.0
-
latest non vulnerable version
-
first published
19 years ago
-
latest version published
2 months ago
-
licenses detected
- [2.1.0,)
Direct Vulnerabilities
Known vulnerabilities in the twisted package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') when sending multiple HTTP requests in one TCP packet, the How to fix Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling')? Upgrade |
[,23.10.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Header Injection via the How to fix HTTP Header Injection? Upgrade |
[,22.10.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Request Smuggling due to missing checks when requests with modified headers are sent. An attacker could exploit this vulnerability by using the following request smuggling techniques:
How to fix HTTP Request Smuggling? Upgrade |
[,20.3.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Request Smuggling in the How to fix HTTP Request Smuggling? Upgrade |
[,22.4.0rc1)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Information Exposure due to improper handling of sensitive data in How to fix Information Exposure? Upgrade |
[11.1.0,22.1.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Header Injection. How to fix HTTP Header Injection? Upgrade |
[,19.2.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Request Smuggling. When presented with two How to fix HTTP Request Smuggling? Upgrade |
[,20.3.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to HTTP Request Splitting. When presented with a How to fix HTTP Request Splitting? Upgrade |
[,20.3.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Man-in-the-Middle (MitM)
via the How to fix Man-in-the-Middle (MitM)? Upgrade |
[,19.7.0)
|
Twisted is an event-based network programming and multi-protocol integration framework. Affected versions of this package are vulnerable to Improper Input Validation due to the package not validating or sanitizing URIs or HTTP methods, this allows an attacker to inject invalid characters such as CRLF. How to fix Improper Input Validation? Upgrade |
[,19.2.1)
|