Bugs fixes in "twisted"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2020-10109 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header | 2020-03-19 |
| CVE | CVE-2020-10108 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the fir | 2020-03-19 |
| CVE | CVE-2020-1010 | RESERVED | 2020-03-19 |
| CVE | CVE-2019-9515 | Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS f | 2020-03-19 |
| CVE | CVE-2019-9514 | Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and s | 2020-03-19 |
| CVE | CVE-2019-9512 | Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/ | 2020-03-19 |
| CVE | CVE-2019-12855 | In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to M | 2020-03-19 |
| CVE | CVE-2019-12387 | In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CR | 2020-03-19 |
| CVE | CVE-2020-10109 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header | 2020-03-19 |
| CVE | CVE-2020-10108 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the fir | 2020-03-19 |
| CVE | CVE-2020-1010 | RESERVED | 2020-03-19 |
| CVE | CVE-2019-9515 | Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS f | 2020-03-19 |
| CVE | CVE-2019-9514 | Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and s | 2020-03-19 |
| CVE | CVE-2019-9512 | Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/ | 2020-03-19 |
| CVE | CVE-2019-12855 | In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to M | 2020-03-19 |
| CVE | CVE-2019-12387 | In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CR | 2020-03-19 |
| CVE | CVE-2020-10109 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header | 2020-03-19 |
| CVE | CVE-2020-10108 | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the fir | 2020-03-19 |
| CVE | CVE-2020-1010 | RESERVED | 2020-03-19 |
| CVE | CVE-2019-9515 | Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS f | 2020-03-19 |
About
-
Send Feedback to @ubuntu_updates
