All Twisted CVEs — Complete Vulnerability History
Twisted is Python's event-driven networking engine. It has a consistent CVE history around HTTP request splitting and header injection.
PyPI
5M+ weekly downloads
3 CVEs total
Full CVE history
| CVE | Year | Severity | Description | Fix |
|---|---|---|---|---|
| CVE-2022-21712 | 2022 | HIGH | Cookie and auth header exposure on redirect | Fixed 22.2.0 |
| CVE-2022-24801 | 2022 | HIGH | HTTP request splitting via crafted method | Fixed 22.4.0 |
| CVE-2023-46137 | 2023 | HIGH | HTTP request splitting via header injection | Fixed 23.10.0 |
Current safe version: 24.3.0
```
# Before
Twisted==22.10.0

# After
Twisted==24.3.0
```
Then run: `pip install -r requirements.txt`
Common questions
Is Twisted still actively maintained?
Yes — Twisted has been in continuous development since 2001 and remains the foundation for many production Python networking applications.