Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
twisted.web has disordered HTTP pipeline response
Vulnerability Description
Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
Vulnerability Type
HTTP请求的解释不一致性(HTTP请求私运)
Vulnerability Title
Twisted 安全漏洞
Vulnerability Description
Twisted是Twisted Matrix Labs开源的一款使用Python语言编写的事件驱动的开源网络引擎。 Twisted 24.3.0及之前版本存在安全漏洞,该漏洞源于twisted.web提供的HTTP 1.0和1.1服务器会无序处理流水线HTTP请求,从而导致信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A