First published: Wed Sep 04 2024(Updated: )
Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-41671) It was discovered that Twisted did not properly sanitize certain input. An attacker could use this vulnerability to possibly execute an HTML injection leading to a cross-site scripting (XSS) attack. (CVE-2024-41810)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/python3-twisted | <24.3.0-1ubuntu0.1 | 24.3.0-1ubuntu0.1 |
Ubuntu Ubuntu | =24.04 | |
All of | ||
ubuntu/python3-twisted | <22.1.0-2ubuntu2.5 | 22.1.0-2ubuntu2.5 |
Ubuntu Ubuntu | =22.04 | |
All of | ||
ubuntu/python3-twisted | <18.9.0-11ubuntu0.20.04.4 | 18.9.0-11ubuntu0.20.04.4 |
Ubuntu Ubuntu | =20.04 | |
All of | ||
ubuntu/python-twisted | <17.9.0-2ubuntu0.3+esm1 | 17.9.0-2ubuntu0.3+esm1 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/python3-twisted | <17.9.0-2ubuntu0.3+esm1 | 17.9.0-2ubuntu0.3+esm1 |
Ubuntu Ubuntu | =18.04 | |
All of | ||
ubuntu/python-twisted | <16.0.0-1ubuntu0.4+esm2 | 16.0.0-1ubuntu0.4+esm2 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/python3-twisted | <16.0.0-1ubuntu0.4+esm2 | 16.0.0-1ubuntu0.4+esm2 |
Ubuntu Ubuntu | =16.04 | |
All of | ||
ubuntu/python-twisted | <13.2.0-1ubuntu1.2+esm3 | 13.2.0-1ubuntu1.2+esm3 |
Ubuntu Ubuntu | =14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.