Opened 4 months ago

Closed 4 months ago

#30834 closed defect (fixed)

GetTor depends on Twisted, which has a URL sanitisation vulnerability

Reported by: teor Owned by:
Priority: Medium Milestone:
Component: Applications/GetTor Version:
Severity: Normal Keywords: security-low
Cc: traumschule, hiro, gaba Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I'm not sure if GetTor is affected, because the vulnerability depends on user input being put in URLs:
https://github.com/torproject/gettor/network/alert/requirements.txt/twisted/open

Here is a pull request created by GitHub's automated bot:
https://github.com/torproject/gettor/pull/1/files

Child Tickets

Change History (2)

comment:1 Changed 4 months ago by gaba

Cc: gaba added

comment:2 Changed 4 months ago by hiro

Resolution: fixed
Status: newclosed
Note: See TracTickets for help on using tickets.