Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1.
Metrics
Affected Vendors & Products
Advisories
Source | ID | Title |
---|---|---|
![]() |
DLA-3970-1 | twisted security update |
![]() |
DSA-5797-1 | twisted security update |
![]() |
EUVD-2024-2318 | Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1. |
![]() |
GHSA-c8m8-j448-xjx7 | twisted.web has disordered HTTP pipeline response |
![]() |
USN-6988-1 | Twisted vulnerabilities |
![]() |
USN-6988-2 | Twisted vulnerability |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Tue, 17 Sep 2024 02:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-09-16T16:19:21.128Z
Reserved: 2024-07-18T15:21:47.485Z
Link: CVE-2024-41671

Updated: 2024-09-16T16:19:21.128Z

Status : Awaiting Analysis
Published: 2024-07-29T15:15:15.760
Modified: 2024-11-21T09:32:56.690
Link: CVE-2024-41671

No data.

Updated: 2025-07-12T16:01:30Z