CVE-2014-7143 (High) detected in Twisted-14.0.0.tar.bz2 #2
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-for-github-com
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2014-7143 - High Severity Vulnerability
An asynchronous networking framework written in Python
Library home page: https://files.pythonhosted.org/packages/76/38/cf8f81c1d7d84fec922d67f0d92bfa9fee59145d875d7263ceefa2bbbaf4/Twisted-14.0.0.tar.bz2
Path to dependency file: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt
Path to vulnerable library: clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/requirements.txt,clusterfuzz/src/local/butler/scripts,clusterfuzz/src/python/bot/untrusted_runner/build,clusterfuzz/resources/platform/linux/peach/peach_mutator/peach_mutator/third_party/peach/requirements.txt,clusterfuzz/src/appengine/handlers/cron/project,clusterfuzz/src/python/bot/tasks
Dependency Hierarchy:
Found in HEAD commit: aefe4b0859891117218fba5984e5c3e753ea9597
Python Twisted 14.0 trustRoot is not respected in HTTP client
Publish Date: 2019-11-12
URL: CVE-2014-7143
Base Score Metrics:
- Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
- Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: High
- Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-7143
Release Date: 2019-05-30
Fix Resolution: 14.0.1
The text was updated successfully, but these errors were encountered: