
Test ID: 1.3.6.1.4.1.25623.1.0.147823
Category: Web Servers
Title: Twisted Web < 20.3.0 Multiple Vulnerabilities
Summary: Twisted Web is prone to multiple vulnerabilities.
Description: Summary:
Twisted Web is prone to multiple vulnerabilities.

Vulnerability Insight:
The following vulnerabilities exist:

CVE-2020-10108: HTTP request splitting. When presented with two content-length headers, it
ignored the first header. When the second content-length value was set to zero, the request body
was interpreted as a pipelined request.

CVE-2020-10109: HTTP request splitting. When presented with a content-length and a chunked
encoding header, the content-length took precedence and the remainder of the request body was
interpreted as a pipelined request.

Affected Software/OS:
Twisted Web prior to version 20.3.0.

Solution:
Update to version 20.3.0 or later.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2020-10108
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/
https://security.gentoo.org/glsa/202007-24
https://know.bishopfox.com/advisories
https://know.bishopfox.com/advisories/twisted-version-19.10.0
https://www.oracle.com/security-alerts/cpuoct2020.html
https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html
https://usn.ubuntu.com/4308-1/
https://usn.ubuntu.com/4308-2/
Common Vulnerability Exposure (CVE) ID: CVE-2020-10109
Copyright: Copyright (C) 2022 Greenbone Networks GmbH
