meta-openembedded

MIRRORS/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-01-27 12:01:38 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Soumya Sambu	7ca4d7761b	python3-twisted: Fix CVE-2024-41810 Twisted is an event-based framework for internet applications, supporting Python 3.6+. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body. This vulnerability is fixed in 24.7.0rc1. Reference: https://nvd.nist.gov/vuln/detail/CVE-2024-41810 Upstream patch: `046a164f89` Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>	2025-09-18 09:53:18 +02:00

Soumya Sambu

7ca4d7761b

python3-twisted: Fix CVE-2024-41810

Twisted is an event-based framework for internet applications, supporting Python 3.6+.
The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability.
If application code allows an attacker to control the redirect URL this vulnerability
may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body.
This vulnerability is fixed in 24.7.0rc1.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-41810

Upstream patch:
046a164f89

Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

2025-09-18 09:53:18 +02:00

1 Commits