Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in twisted.web #10323

twisted-trac · 2022-03-31T06:13:41Z

	@twm reported
Trac ID	trac#10323
Type	defect
Created	2022-03-31 06:13:41Z

See GHSA-c2jg-hw38-jrqq for details.

CVE-2022-24801 / GHSA-c2jg-hw38-jrqq

Fixed in Twisted 22.4.0rc1 and later.

Searchable metadata

trac-id__10323 10323
type__defect defect
reporter__twm twm
priority__highest highest
milestone__None None
branch__ 
branch_author__ 
status__closed closed
resolution__fixed fixed
component__web web
keywords__None None
time__1648707221691948 1648707221691948
changetime__1649745315678394 1649745315678394
version__None None
owner__None None

The text was updated successfully, but these errors were encountered:

twisted-trac · 2022-04-01T04:55:05Z

	@twm commented

Ready for review: https://github.com/twisted/twisted-ghsa-c2jg-hw38-jrqq/pull/1

twisted-trac · 2022-04-12T06:33:19Z

	@twm set status to `closed`

twisted-trac · 2022-04-12T06:35:15Z

	@twm commented

As the PR is no longer accessible, I'll note that this was merged in 592217e

twisted-trac closed this as completed Apr 12, 2022

dependabot bot mentioned this issue Jan 31, 2023

Bump twisted from 21.2.0 to 22.4.0 in /apps/volve-3d-vtk plotly/dash-sample-apps#713

Closed

dependabot bot mentioned this issue May 26, 2022

Bump twisted from 19.7.0 to 22.4.0 dvdtoth/crypto-arbitrage-infra#18

Merged

This was referenced Jun 2, 2022

Bump twisted from 20.3.0 to 22.4.0 The-Nature-Conservancy-NASCA/WaterProof-geonode#84

Closed

Bump twisted from 16.1.1 to 22.4.0 apache/incubator-flagon-stout#6

Closed

dependabot bot mentioned this issue Apr 22, 2023

Bump twisted from 10.2.0 to 22.4.0 in /testing/tools/websocketprocessbridge SAP/project-foxhound#54

Closed

dependabot bot mentioned this issue Jul 23, 2023

build(deps): bump twisted from 21.2.0 to 22.4.0 nekochord/stock-spider#4

Closed

dependabot bot mentioned this issue May 26, 2022

Bump twisted from 19.2.0 to 22.4.0 alisw/MachineLearningHEP#808

Closed

dependabot bot mentioned this issue Aug 20, 2023

Bump twisted from 21.2.0 to 22.4.0 rehanhaider/stocky#12

Closed

dependabot bot mentioned this issue May 26, 2022

Bump twisted from 18.7.0 to 22.4.0 muladzevitali/alpr_detection_and_recognition#29

Open

This was referenced Oct 25, 2023

Bump twisted from 20.3.0 to 22.4.0 in /backend Agentofchaoss/tabby-web#9

Open

chore(deps): bump twisted from 20.3.0 to 22.4.0 Bnagel25/IdenaTelegramUpdater#1

Open

dependabot bot mentioned this issue May 26, 2022

Bump twisted from 17.9.0 to 22.4.0 in /BackEnd/DatabaseAPI DavidDexterCharles/GroupByClassModel#59

Closed

dependabot bot mentioned this issue May 26, 2022

Bump twisted from 19.7.0 to 22.4.0 in /scraper CivicDataLab/hp-fiscal-data-explorer-backend#65

Closed

dependabot bot mentioned this issue Apr 25, 2022

Bump twisted from 22.2.0 to 22.4.0 NandyBa/Dashboard_Crypto#11

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in twisted.web #10323

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in twisted.web #10323

twisted-trac commented Mar 31, 2022

twisted-trac commented Apr 1, 2022

twisted-trac commented Apr 12, 2022

twisted-trac commented Apr 12, 2022

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in twisted.web #10323

Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in twisted.web #10323

Comments

twisted-trac commented Mar 31, 2022

twisted-trac commented Apr 1, 2022

twisted-trac commented Apr 12, 2022

twisted-trac commented Apr 12, 2022