Hi unnamed person :) The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 is here https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64 CVE-2020-10108
-------- The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues. Regards On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <[email protected]> wrote: > I'm currently looking into a couple of twisted vulnerabilities and came > across the following vulnerabilities: > > https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 > https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357 > > Does anyone know why these weren't given CVEs? > _______________________________________________ > Twisted mailing list -- [email protected] > To unsubscribe send an email to [email protected] > https://mail.python.org/mailman3/lists/twisted.python.org/ > Message archived at > https://mail.python.org/archives/list/[email protected]/message/2HZBYWY4CRHFJJEZ3TPLXFUWXR2T3CAL/ > Code of Conduct: https://twisted.org/conduct > -- Adi Roiban
_______________________________________________ Twisted mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3/lists/twisted.python.org/ Message archived at https://mail.python.org/archives/list/[email protected]/message/BWT3KWN7JXVITEPWTJ6TRIOBDDB6PAMU/ Code of Conduct: https://twisted.org/conduct
