FKIE_CVE-2022-39348

Vulnerability from fkie_nvd - Published: 2022-10-26 20:15 - Updated: 2025-11-03 22:15
Severity ?
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Summary
Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds.
References
security-advisories@github.comhttps://github.com/twisted/twisted/commit/f2f5e81c03f14e253e85fe457e646130780db40bPatch
security-advisories@github.comhttps://github.com/twisted/twisted/commit/f49041bb67792506d85aeda9cf6157e92f8048f4Patch
security-advisories@github.comhttps://github.com/twisted/twisted/security/advisories/GHSA-vg46-2rrj-3647Exploit, Patch, Third Party Advisory
security-advisories@github.comhttps://lists.debian.org/debian-lts-announce/2022/11/msg00038.htmlMailing List, Third Party Advisory
security-advisories@github.comhttps://security.gentoo.org/glsa/202301-02Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/twisted/twisted/commit/f2f5e81c03f14e253e85fe457e646130780db40bPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/twisted/twisted/commit/f49041bb67792506d85aeda9cf6157e92f8048f4Patch
af854a3a-2127-422b-91ae-364da2661108https://github.com/twisted/twisted/security/advisories/GHSA-vg46-2rrj-3647Exploit, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2022/11/msg00038.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202301-02Third Party Advisory
Impacted products
Vendor Product Version
twisted twisted *
debian debian_linux 10.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F189425-61DC-4B09-B387-6F7E6E536A0C",
              "versionEndExcluding": "22.10.0",
              "versionStartIncluding": "0.9.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Twisted is an event-based framework for internet applications. Started with version 0.9.4, when the host header does not match a configured host `twisted.web.vhost.NameVirtualHost` will return a `NoResource` resource which renders the Host header unescaped into the 404 response allowing HTML and script injection. In practice this should be very difficult to exploit as being able to modify the Host header of a normal HTTP request implies that one is already in a privileged position. This issue was fixed in version 22.10.0rc1. There are no known workarounds."
    },
    {
      "lang": "es",
      "value": "Twisted es un framework basado en eventos para aplicaciones de Internet. Comenz\u00f3 con la versi\u00f3n 0.9.4, cuando el encabezado del host no coincide con un host configurado \"twisted.web.vhost.NameVirtualHost\" devolver\u00e1 un recurso \"NoResource\" que hace que el encabezado del Host no sea escondido en la respuesta 404 permitiendo la inyecci\u00f3n de HTML y scripts. En la pr\u00e1ctica esto deber\u00eda ser muy dif\u00edcil de explotar ya que ser capaz de modificar el encabezado Host de una petici\u00f3n HTTP normal implica que uno ya est\u00e1 en una posici\u00f3n privilegiada. Este problema ha sido corregido en versi\u00f3n 22.10.0rc1. No se presenta mitigaciones conocidas"
    }
  ],
  "id": "CVE-2022-39348",
  "lastModified": "2025-11-03T22:15:59.850",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-10-26T20:15:10.580",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/twisted/twisted/commit/f2f5e81c03f14e253e85fe457e646130780db40b"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/twisted/twisted/commit/f49041bb67792506d85aeda9cf6157e92f8048f4"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/twisted/twisted/security/advisories/GHSA-vg46-2rrj-3647"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00038.html"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202301-02"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/twisted/twisted/commit/f2f5e81c03f14e253e85fe457e646130780db40b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/twisted/twisted/commit/f49041bb67792506d85aeda9cf6157e92f8048f4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/twisted/twisted/security/advisories/GHSA-vg46-2rrj-3647"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/202301-02"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        },
        {
          "lang": "en",
          "value": "CWE-80"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.