![](https://secure.gravatar.com/avatar/088631a611a30371b4997308e175fb6d.jpg?s=120&d=mm&r=g)
I'm currently looking into a couple of twisted vulnerabilities and came across the following vulnerabilities: https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357 Does anyone know why these weren't given CVEs?
![](https://secure.gravatar.com/avatar/eba6eb871de2549c7447a8701352cd35.jpg?s=120&d=mm&r=g)
Hi unnamed person :) The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 is here https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64 CVE-2020-10108 -------- The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues. Regards On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <twisted@python.org> wrote:
-- Adi Roiban
![](https://secure.gravatar.com/avatar/eba6eb871de2549c7447a8701352cd35.jpg?s=120&d=mm&r=g)
Hi unnamed person :) The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 is here https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64 CVE-2020-10108 -------- The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues. Regards On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <twisted@python.org> wrote:
-- Adi Roiban
participants (2)
-
Adi Roiban
-
csoc@inl.gov