VDB
DEBIAN-CVE-2019-12387
DEBIAN-CVE-2019-12387
PUBLISHED
CVSS 6.099999904632568 MEDIUM
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
Risk Scores
CVSS 3.1
6.099999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:14 | twisted | 0, 0, 0 |
| Debian:12 | twisted | 0, 0, 0 |
| Debian:13 | twisted | 0, 0, 0 |
| Debian:11 | twisted | 0, 0, 0 |
Timeline
- Jun 10, 2019 CVE Published
- Apr 28, 2026 CVE Updated