GCVE-VVD-MAGEIA-2019-360 — Vulnetix

GCVE-VVD-MAGEIA-2019-360

Advisory Published

Vulnetix · Advisory published December 6, 2019

Updated python-twisted packages fix security vulnerabilities: Improper sanitization of URIs or HTTP which could allow attackers to perform CRLF attacks (CVE-2019-12387). In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections (CVE-2019-12855).

Download JSON Open in Console

Affected Products

Vendor	Product	Versions	Platforms
Mageia	python-twisted	0 (affected), 19.2.1-1.1.mga7 (unaffected)	—

Aliases

CVE-2019-12855 CVE-2019-12387

Transitive aliases

OPENSUSE-SU-2019:2068-1 MSRC_CVE-2019-12855 VVD-GENTOO-2020-711760 BDU:2019-02525 GHSA-6cc5-2vg4-cc7m GHSA-65rm-h285-5cc5 OPENSUSE-SU-2019:2110-1 PYSEC-2019-129 SUSE-SU-2019:2453-1 OPENSUSE-SU-2024:11212-1 GSD-2019-12855 EUVD-2019-0146 EUVD-2019-0147 BDU:2020-02755

References

Updated python-twisted packages fix security vulnerabilities

advisory

Updated python-twisted packages fix security vulnerabilities

issue

Updated python-twisted packages fix security vulnerabilities

issue

Updated python-twisted packages fix security vulnerabilities

issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON

$ Console Community · 100/wk Open console ›