Hi unnamed person :)

The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 
is here  https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64
CVE-2020-10108

--------

The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues.

Regards

On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <twisted@python.org> wrote:
I'm currently looking into a couple of twisted vulnerabilities and came across the following vulnerabilities:

https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866
https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357

Does anyone know why these weren't given CVEs?
_______________________________________________
Twisted mailing list -- twisted@python.org
To unsubscribe send an email to twisted-leave@python.org
https://mail.python.org/mailman3/lists/twisted.python.org/
Message archived at https://mail.python.org/archives/list/twisted@python.org/message/2HZBYWY4CRHFJJEZ3TPLXFUWXR2T3CAL/
Code of Conduct: https://twisted.org/conduct


--
Adi Roiban