Количество 8
Количество 8
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue.
CVE-2016-1000111
Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1 ...
openSUSE-SU-2016:3157-1
Security update for python-Twisted
SUSE-SU-2017:0114-1
Security update for python-Twisted
GHSA-3gqj-cmxr-p4x2
Forced Browsing in Twisted
ELSA-2016-1978
ELSA-2016-1978: python-twisted-web security update (IMPORTANT)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2016-1000111 Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | CVSS3: 5.3 | 1% Низкий | больше 5 лет назад |
 | CVE-2016-1000111 Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | CVSS3: 5 | 1% Низкий | около 9 лет назад |
 | CVE-2016-1000111 Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | CVSS3: 5.3 | 1% Низкий | больше 5 лет назад |
| CVE-2016-1000111 Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1 ... | CVSS3: 5.3 | 1% Низкий | больше 5 лет назад |
 | openSUSE-SU-2016:3157-1 Security update for python-Twisted | 1% Низкий | больше 8 лет назад | |
| SUSE-SU-2017:0114-1 Security update for python-Twisted | 1% Низкий | больше 8 лет назад | |
| GHSA-3gqj-cmxr-p4x2 Forced Browsing in Twisted | CVSS3: 5.3 | 1% Низкий | больше 4 лет назад |
| ELSA-2016-1978 ELSA-2016-1978: python-twisted-web security update (IMPORTANT) | почти 9 лет назад |
Уязвимостей на страницу