Description

Twisted is an event-based framework for internet applications, supporting Python 3.6+. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure. This vulnerability is fixed in 24.7.0rc1.

INFO

Published Date :

2024-07-29T14:37:08.484Z

Last Modified :

2025-11-03T22:00:59.620Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41671 vulnerability.

Vendors Products
Twisted
  • Twisted
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41671.

URL Resource
https://github.com/twisted/twisted/commit/046a164f89a0f08d3239ecebd750360f8914df33 cve-icon cve-icon cve-icon
https://github.com/twisted/twisted/commit/4a930de12fb67e88fefcb8822104152f42b27abc cve-icon cve-icon cve-icon
https://github.com/twisted/twisted/security/advisories/GHSA-c8m8-j448-xjx7 cve-icon cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html cve-icon
https://www.vicarius.io/vsociety/posts/disordered-http-pipeline-in-twistedweb-cve-2024-4167 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact