PYSEC-2019-212

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/twisted/PYSEC-2019-212.yaml

JSON Data

https://api.test.osv.dev/v1/vulns/PYSEC-2019-212

Aliases

CVE-2014-7143
GHSA-3c45-wgjp-7v9r

Published

2019-11-12T14:15:00Z

Modified

2023-11-01T04:45:44.967849Z

Summary

[none]

Details

Python Twisted 14.0 trustRoot is not respected in HTTP client

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7143
http://www.openwall.com/lists/oss-security/2014/09/22/2
https://exchange.xforce.ibmcloud.com/vulnerabilities/96135
https://security-tracker.debian.org/tracker/CVE-2014-7143
https://github.com/advisories/GHSA-3c45-wgjp-7v9r

Affected packages

PyPI / twisted

Package

Name: twisted; View open source insights on deps.dev
Purl: pkg:pypi/twisted

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

14.0.1

Affected versions

1.*

1.0.1

1.0.3

1.0.4

1.0.5

1.0.6

1.0.7

1.1.0

1.1.1

1.2.0

2.*

2.1.0

2.4.0

2.5.0

8.*

8.0.0

8.0.1

8.1.0

8.2.0

9.*

9.0.0

10.*

10.0.0

10.1.0

10.2.0

11.*

11.0.0

11.1.0

12.*

12.0.0

12.1.0

12.2.0

12.3.0

13.*

13.0.0

13.1.0

13.2.0

14.*

14.0.0

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/twisted/PYSEC-2019-212.yaml"