It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. (CVE-2022-21712)
It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attacker could use this issue to cause Twisted to crash, resulting in a denial of service. (CVE-2022-21716)
{ "availability": "No subscription required", "binaries": [ { "python-twisted-bin-dbg": "17.9.0-2ubuntu0.3", "python-twisted-bin": "17.9.0-2ubuntu0.3", "python-twisted-words": "17.9.0-2ubuntu0.3", "python-twisted-web": "17.9.0-2ubuntu0.3", "python3-twisted": "17.9.0-2ubuntu0.3", "python-twisted-conch": "1:17.9.0-2ubuntu0.3", "python-twisted": "17.9.0-2ubuntu0.3", "python-twisted-news": "17.9.0-2ubuntu0.3", "python-twisted-runner-dbg": "17.9.0-2ubuntu0.3", "twisted-doc": "17.9.0-2ubuntu0.3", "python-twisted-names": "17.9.0-2ubuntu0.3", "python-twisted-mail": "17.9.0-2ubuntu0.3", "python3-twisted-bin": "17.9.0-2ubuntu0.3", "python-twisted-core": "17.9.0-2ubuntu0.3", "python3-twisted-bin-dbg": "17.9.0-2ubuntu0.3", "python-twisted-runner": "17.9.0-2ubuntu0.3" } ] }