Alerts This Week
Warning Icon 1 1,394
Alerts This Week
Warning Icon 1 1,394

Mageia 9: MGASA-2025-0054 critical: python-twisted HTML injection

mageia
Calendar Grey February 12, 2025
Dist Mageia Esm H88
Recent python-twisted updates fix significant security issues. Check the advisory for information on the vulnerabilities addressed and the mitigations applied.
Twisted.web has disordered HTTP pipeline response

Summary

Twisted.web has disordered HTTP pipeline response. (CVE-2023-46137) Twisted.web has disordered HTTP pipeline response. (CVE-2024-41671) HTML injection in HTTP redirect body. (CVE-2024-41810)

References

- https://bugs.mageia.org/show_bug.cgi?id=33807

- https://ubuntu.com/security/notices/USN-6575-1

- https://ubuntu.com/security/notices/USN-6988-1

- https://ubuntu.com/security/notices/USN-6988-2

- https://www.cve.org/CVERecord?id=CVE-2023-46137

- https://www.cve.org/CVERecord?id=CVE-2024-41671

- https://www.cve.org/CVERecord?id=CVE-2024-41810

Resolution

SRPMS

- 9/core/python-twisted-22.10.0-2.1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 12 Feb 2025
URL: https://advisories.mageia.org/MGASA-2025-0054.html
Type: security
CVE: CVE-2023-46137, CVE-2024-41671, CVE-2024-41810

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here