Search for packages
| purl | pkg:pypi/twisted@11.1 |
| Tags | Ghost |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-shy4-bwc3-aaar
Aliases: CVE-2022-21712 GHSA-92x2-jw7w-xvvx PYSEC-2022-27 |
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds. |
Affected by 6 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-01-17T02:40:14.917371+00:00 | GHSA Importer | Affected by | VCID-shy4-bwc3-aaar | None | 35.1.0 |
| 2024-09-17T22:15:07.959931+00:00 | GHSA Importer | Affected by | VCID-shy4-bwc3-aaar | https://github.com/advisories/GHSA-92x2-jw7w-xvvx | 34.0.1 |
| 2024-01-03T17:45:13.244492+00:00 | GHSA Importer | Affected by | VCID-shy4-bwc3-aaar | https://github.com/advisories/GHSA-92x2-jw7w-xvvx | 34.0.0rc1 |