[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #30834 [Applications/GetTor]: GetTor depends on Twisted, which has a URL sanitisation vulnerability



#30834: GetTor depends on Twisted, which has a URL sanitisation vulnerability
-------------------------------------+--------------------------
     Reporter:  teor                 |      Owner:  (none)
         Type:  defect               |     Status:  new
     Priority:  Medium               |  Milestone:
    Component:  Applications/GetTor  |    Version:
     Severity:  Normal               |   Keywords:  security-low
Actual Points:                       |  Parent ID:
       Points:                       |   Reviewer:
      Sponsor:                       |
-------------------------------------+--------------------------
 I'm not sure if GetTor is affected, because the vulnerability depends on
 user input being put in URLs:
 https://github.com/torproject/gettor/network/alert/requirements.txt/twisted/open

 Here is a pull request created by GitHub's automated bot:
 https://github.com/torproject/gettor/pull/1/files

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30834>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs