Hi unnamed person :) The "upstream" report for https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 is here https://github.com/twisted/twisted/security/advisories/GHSA-8r99-h8j2-rw64 CVE-2020-10108
-------- The other security bugfix was done in 2018 and I guess that by then, there wasn't a well defined process in terms of reporting and tracking security issues. Regards On Mon, 4 Nov 2024 at 16:43, csoc--- via Twisted <twisted@python.org> wrote: > I'm currently looking into a couple of twisted vulnerabilities and came > across the following vulnerabilities: > > https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 > https://security.snyk.io/vuln/SNYK-PYTHON-TWISTED-564357 > > Does anyone know why these weren't given CVEs? > _______________________________________________ > Twisted mailing list -- twisted@python.org > To unsubscribe send an email to twisted-le...@python.org > https://mail.python.org/mailman3/lists/twisted.python.org/ > Message archived at > https://mail.python.org/archives/list/twisted@python.org/message/2HZBYWY4CRHFJJEZ3TPLXFUWXR2T3CAL/ > Code of Conduct: https://twisted.org/conduct > -- Adi Roiban
_______________________________________________ Twisted mailing list -- twisted@python.org To unsubscribe send an email to twisted-le...@python.org https://mail.python.org/mailman3/lists/twisted.python.org/ Message archived at https://mail.python.org/archives/list/twisted@python.org/message/BWT3KWN7JXVITEPWTJ6TRIOBDDB6PAMU/ Code of Conduct: https://twisted.org/conduct
