I'm currently looking into a couple of twisted vulnerabilities and came across the following vulnerabilities: https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357 Does anyone know why these weren't given CVEs?
Hi unnamed person :) The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 is here https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64 CVE-2020-10108 -------- The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues. Regards On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <twisted@python.org> wrote:
I'm currently looking into a couple of twisted vulnerabilities and came across the following vulnerabilities:
https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357
Does anyone know why these weren't given CVEs? _______________________________________________ Twisted mailing list -- twisted@python.org To unsubscribe send an email to twisted-leave@python.org https://mail.python.org/mailman3/lists/twisted.python.org/ Message archived at https://mail.python.org/archives/list/twisted@python.org/message/2HZBYWY4CRH... Code of Conduct: https://twisted.org/conduct
-- Adi Roiban
participants (2)
-
Adi Roiban -
csoc@inl.gov