VDB

DEBIAN-CVE-2019-12387

DEBIAN-CVE-2019-12387 PUBLISHED CVSS 6.099999904632568 MEDIUM

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

Risk Scores

CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersions
Debian:14twisted0, 0, 0
Debian:12twisted0, 0, 0
Debian:13twisted0, 0, 0
Debian:11twisted0, 0, 0

Timeline

  • Jun 10, 2019 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›