[Forgot Password]
Login  Register Subscribe

26309

 
 

132812

 
 

150505

 
 

909

 
 

119751

 
 

158

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:1600466
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote att ...

oval:org.secpod.oval:def:37872
python26-twisted-web is installed

oval:org.secpod.oval:def:1601136
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.

*CPE
cpe:/a:python:python26-twisted-web

© SecPod Technologies