Download
| Alert*
|
oval:org.secpod.oval:def:3300625
SUSE Security Update: Security update for python-Twisted oval:org.secpod.oval:def:1601672 A flaw was found in python-twisted. This vulnerability occurs due to the parsing of illegal constructs in the twisted.web.http module. The illegal constructs include '+/-' in the Content-Length header, '\n and \t' etc. Non-conformant parsing leads to a desync if requests pass through multiple HTTP p ... oval:org.secpod.oval:def:2107969 Oracle Solaris 11 - ( CVE-2022-39348 ) oval:org.secpod.oval:def:89047892 This update for python-Twisted fixes the following issues: - CVE-2022-39348: Fixed NameVirtualHost Host header injection . oval:org.secpod.oval:def:3301203 SUSE Security Update: Security update for python-Twisted oval:org.secpod.oval:def:19500165 Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and scr ... oval:org.secpod.oval:def:1701245 Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and scr ... oval:org.secpod.oval:def:89047890 This update for python-Twisted fixes the following issues: - CVE-2022-39348: Fixed NameVirtualHost Host header injection . oval:org.secpod.oval:def:98215 twisted: Event-based framework for internet applications Several security issues were fixed in Twisted. oval:org.secpod.oval:def:98761 twisted: Event-based framework for internet applications Several security issues were fixed in Twisted. |
