Описание
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the twited.web.RedirectAgent and twisted.web. BrowserLikeRedirectAgent functions. Users are advised to upgrade. There are no known workarounds.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 17.9.0-2ubuntu0.3 |
| devel | released | 22.1.0-2ubuntu2 |
| esm-infra-legacy/trusty | needed | |
| esm-infra/bionic | released | 17.9.0-2ubuntu0.3 |
| esm-infra/focal | released | 18.9.0-11ubuntu0.20.04.2 |
| esm-infra/xenial | needed | |
| focal | released | 18.9.0-11ubuntu0.20.04.2 |
| impish | released | 20.3.0-7ubuntu1.1 |
| jammy | released | 22.1.0-2ubuntu2 |
| kinetic | released | 22.1.0-2ubuntu2 |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
twisted is an event-driven networking engine written in Python. In affected versions twisted exposes cookies and authorization headers when following cross-origin redirects. This issue is present in the `twited.web.RedirectAgent` and `twisted.web. BrowserLikeRedirectAgent` functions. Users are advised to upgrade. There are no known workarounds.
twisted is an event-driven networking engine written in Python. In aff ...
5 Medium
CVSS2
7.5 High
CVSS3