Known Vulnerabilities for products from Twistedmatrix
Listed below are 11 of the newest known vulnerabilities associated with the vendor "Twistedmatrix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24801 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-04-04 | 2023-11-07 |
| CVE-2022-23607 | treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `tre... | 6.5 - MEDIUM | 2022-02-01 | 2024-01-26 |
| CVE-2022-21716 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-03 | 2023-11-07 |
| CVE-2022-21712 | twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorizatio... | 7.5 - HIGH | 2022-02-07 | 2023-11-07 |
| CVE-2020-10109 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a... | 9.8 - CRITICAL | 2020-03-12 | 2023-11-07 |
| CVE-2020-10108 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length hea... | 9.8 - CRITICAL | 2020-03-12 | 2023-11-07 |
| CVE-2019-12855 | In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, a... | 7.4 - HIGH | 2019-06-16 | 2023-11-07 |
| CVE-2019-12387 | In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject inval... | 6.1 - MEDIUM | 2019-06-10 | 2023-11-07 |
| CVE-2017-1000007 | txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and... | 5.9 - MEDIUM | 2017-07-17 | 2017-08-04 |
| CVE-2016-1000111 | Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect ... | 5.3 - MEDIUM | 2020-03-11 | 2020-03-13 |
| CVE-2014-7143 | Python Twisted 14.0 trustRoot is not respected in HTTP client | 7.5 - HIGH | 2019-11-12 | 2019-11-14 |
Known software with vulnerabilities from Twistedmatrix
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Twistedmatrix | Twisted | 8.0.0 |
| Application | Twistedmatrix | Twistedweb | 2.2.0 |
| Application | Twistedmatrix | Txaws | - |