Known Vulnerabilities for products from Twistedmatrix
Listed below are 13 of the newest known vulnerabilities associated with the vendor "Twistedmatrix".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46137 json | Twisted is an event-based framework for internet applications. Prior to version 23.10.0rc1, when sending multiple HTTP reques... | 5.3 - MEDIUM | 2023-10-25 | 2023-11-02 |
| CVE-2022-39348 json | Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not matc... | 5.4 - MEDIUM | 2022-10-26 | 2023-03-08 |
| CVE-2022-24801 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.1 - HIGH | 2022-04-04 | 2023-11-07 |
| CVE-2022-23607 json | treq is an HTTP library inspired by requests but written on top of Twisted's Agents. Treq's request methods (`treq.get`, `tre... | 6.5 - MEDIUM | 2022-02-01 | 2024-01-26 |
| CVE-2022-21716 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-03 | 2023-11-07 |
| CVE-2022-21712 json | twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorizatio... | 7.5 - HIGH | 2022-02-07 | 2023-11-07 |
| CVE-2020-10109 json | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a... | 9.8 - CRITICAL | 2020-03-12 | 2023-11-07 |
| CVE-2020-10108 json | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length hea... | 9.8 - CRITICAL | 2020-03-12 | 2023-11-07 |
| CVE-2019-12855 json | In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, a... | 7.4 - HIGH | 2019-06-16 | 2023-11-07 |
| CVE-2019-12387 json | In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject inval... | 6.1 - MEDIUM | 2019-06-10 | 2023-11-07 |
| CVE-2017-1000007 json | txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and... | 5.9 - MEDIUM | 2017-07-17 | 2017-08-04 |
| CVE-2016-1000111 json | Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect ... | 5.3 - MEDIUM | 2020-03-11 | 2020-03-13 |
| CVE-2014-7143 json | Python Twisted 14.0 trustRoot is not respected in HTTP client | 7.5 - HIGH | 2019-11-12 | 2019-11-14 |
Known software with vulnerabilities from Twistedmatrix
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Twistedmatrix | Twisted | 10.0.0 |
| Application | Twistedmatrix | Twistedweb | 2.2.0 |
| Application | Twistedmatrix | Txaws | - |