📦 Twisted

by Twisted

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2022-24801

HIGH CVSS 8.1 Apr 4, 2022

This vulnerability in Twisted's HTTP 1.1 server allows HTTP request smuggling due to non-RFC-compliant parsing of HTTP requests. Attackers can exploit this to bypass security controls, poison caches, ...

CVE-2022-21716

HIGH CVSS 7.5 Mar 3, 2022

CVE-2022-21716 is a memory exhaustion vulnerability in Twisted's SSH client and server implementations. Attackers can send unlimited data during SSH version negotiation, causing the target system to c...

CVE-2022-21712

HIGH CVSS 7.5 Feb 7, 2022

This vulnerability in the Twisted Python networking engine exposes sensitive authentication data (cookies and authorization headers) when following cross-origin redirects. Attackers can steal credenti...

CVE-2024-41810

MEDIUM CVSS 6.1 Jul 29, 2024

This CVE describes an HTML injection vulnerability in Twisted's twisted.web.util.redirectTo function that can lead to reflected cross-site scripting (XSS). Attackers who can control redirect URLs can ...