Search for packages
| purl | pkg:ebuild/dev-python/twisted@22.10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-qc7c-e5fb-77f1 | twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. |
CVE-2022-21712
GHSA-92x2-jw7w-xvvx PYSEC-2022-27 |
| VCID-tec3-uqmg-tueq | Multiple vulnerabilities have been discovered in Twisted, the worst of which could result in denial of service. |
CVE-2022-39348
GHSA-vg46-2rrj-3647 |
| VCID-z5qm-2n25-e7g4 | Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to 22.2.0, Twisted SSH client and server implement is able to accept an infinite amount of data for the peer's SSH version identifier. This ends up with a buffer using all the available memory. The attach is a simple as `nc -rv localhost 22 < /dev/zero`. A patch is available in version 22.2.0. There are currently no known workarounds. |
CVE-2022-21716
GHSA-rv6r-3f5q-9rgx PYSEC-2022-160 |
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T13:00:53.759038+00:00 | Gentoo Importer | Fixing | VCID-tec3-uqmg-tueq | https://security.gentoo.org/glsa/202301-02 | 38.0.0 |
| 2026-04-01T13:00:53.747954+00:00 | Gentoo Importer | Fixing | VCID-z5qm-2n25-e7g4 | https://security.gentoo.org/glsa/202301-02 | 38.0.0 |
| 2026-04-01T13:00:53.738119+00:00 | Gentoo Importer | Fixing | VCID-qc7c-e5fb-77f1 | https://security.gentoo.org/glsa/202301-02 | 38.0.0 |