VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-shy4-bwc3-aaar

Essentials
Severities (135)
References (33)
Severity details (42)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-shy4-bwc3-aaar
Aliases	CVE-2022-21712 GHSA-92x2-jw7w-xvvx PYSEC-2022-27
Summary	twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

Weaknesses (4)

CWE-200	Exposure of Sensitive Information to an Unauthorized Actor
CWE-346	Origin Validation Error
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
rhas	Important	https://access.redhat.com/errata/RHSA-2022:0982
rhas	Important	https://access.redhat.com/errata/RHSA-2022:0992
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21712.json
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00113	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.0012	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00154	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00182	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00182	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00182	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00182	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00208	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00208	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00258	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00534	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
epss	0.00534	https://api.first.org/data/v1/epss?cve=CVE-2022-21712
rhbs	medium	https://bugzilla.redhat.com/show_bug.cgi?id=2051865
cvssv3.1	7.1	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-92x2-jw7w-xvvx
cvssv3.1	7.5	https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2022-27.yaml
generic_textual	HIGH	https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2022-27.yaml
cvssv3.1	6.1	https://github.com/twisted/twisted
cvssv3.1	7.5	https://github.com/twisted/twisted
generic_textual	HIGH	https://github.com/twisted/twisted
generic_textual	MODERATE	https://github.com/twisted/twisted
cvssv3.1	7.5	https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2
generic_textual	HIGH	https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2
ssvc	Track	https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2
cvssv3.1	7.5	https://github.com/twisted/twisted/releases/tag/twisted-22.1.0
generic_textual	HIGH	https://github.com/twisted/twisted/releases/tag/twisted-22.1.0
ssvc	Track	https://github.com/twisted/twisted/releases/tag/twisted-22.1.0
cvssv3.1	7.5	https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx
cvssv3.1_qr	HIGH	https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx
generic_textual	HIGH	https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx
ssvc	Track	https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx
cvssv3.1	7.5	https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html
generic_textual	HIGH	https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
generic_textual	HIGH	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
cvssv2	5.0	https://nvd.nist.gov/vuln/detail/CVE-2022-21712
cvssv3	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-21712
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2022-21712
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2022-21712
cvssv3.1	7.5	https://pypi.org/project/Twisted
generic_textual	HIGH	https://pypi.org/project/Twisted
archlinux	Medium	https://security.archlinux.org/AVG-2663
cvssv3.1	5.4	https://security.gentoo.org/glsa/202301-02
cvssv3.1	7.5	https://security.gentoo.org/glsa/202301-02
generic_textual	HIGH	https://security.gentoo.org/glsa/202301-02
generic_textual	MODERATE	https://security.gentoo.org/glsa/202301-02

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21712.json
		https://api.first.org/data/v1/epss?cve=CVE-2022-21712
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21712
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2022-27.yaml
		https://github.com/twisted/twisted
		https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2
		https://github.com/twisted/twisted/releases/tag/twisted-22.1.0
		https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K/
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
		https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6/
		https://pypi.org/project/Twisted
		https://pypi.org/project/Twisted/
		https://security.gentoo.org/glsa/202301-02
2051865		https://bugzilla.redhat.com/show_bug.cgi?id=2051865
AVG-2663		https://security.archlinux.org/AVG-2663
cpe:2.3:a:twistedmatrix:twisted::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twistedmatrix:twisted::::::::
cpe:2.3:a:twisted:twisted::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twisted:twisted::::::::
cpe:2.3:o:debian:debian_linux:9.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
cpe:2.3:o:fedoraproject:fedora:35:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:35:::::::*
cpe:2.3:o:fedoraproject:fedora:36:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:36:::::::*
CVE-2022-21712		https://nvd.nist.gov/vuln/detail/CVE-2022-21712
GHSA-92x2-jw7w-xvvx		https://github.com/advisories/GHSA-92x2-jw7w-xvvx
GHSA-92x2-jw7w-xvvx		https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx
RHSA-2022:0982		https://access.redhat.com/errata/RHSA-2022:0982
RHSA-2022:0992		https://access.redhat.com/errata/RHSA-2022:0992
USN-5354-1		https://usn.ubuntu.com/5354-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-21712.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2022-27.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at https://github.com/twisted/twisted

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/twisted/twisted

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:40Z/ Found at https://github.com/twisted/twisted/commit/af8fe78542a6f2bf2235ccee8158d9c88d31e8e2

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/twisted/twisted/releases/tag/twisted-22.1.0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:40Z/ Found at https://github.com/twisted/twisted/releases/tag/twisted-22.1.0

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:57:40Z/ Found at https://github.com/twisted/twisted/security/advisories/GHSA-92x2-jw7w-xvvx

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7U6KYDTOLPICAVSR34G2WRYLFBD2YW5K

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLKHA6WREIVAMBQD7KKWYHPHGGNKMAG6

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-21712

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-21712

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2022-21712

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://pypi.org/project/Twisted

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Found at https://security.gentoo.org/glsa/202301-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://security.gentoo.org/glsa/202301-02

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.26859
EPSS Score	0.00113
Published At	March 28, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.