#30834: GetTor depends on Twisted, which has a URL sanitisation vulnerability
-------------------------------------+--------------------------
Reporter: teor | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/GetTor | Version:
Severity: Normal | Keywords: security-low
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------------+--------------------------
I'm not sure if GetTor is affected, because the vulnerability depends on
user input being put in URLs:
https://github.com/torproject/gettor/network/alert/requirements.txt/twisted/open
Here is a pull request created by GitHub's automated bot:
https://github.com/torproject/gettor/pull/1/files
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30834>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
