ELSA-2020-1091

Опубликовано: 06 апр. 2020

Источник: oracle-oval

Платформа: Oracle Linux 7

Описание

ELSA-2020-1091: python-twisted-web security update (MODERATE)

[12.1.0-6]

Fix CVE-2019-12387 (HTTP Header Injection) Resolves: rhbz#1721518

Обновленные пакеты

Oracle Linux 7

Oracle Linux aarch64

python-twisted-web

12.1.0-6.el7

Oracle Linux x86_64

python-twisted-web

12.1.0-6.el7

Связанные CVE

CVE-2019-12387

Ссылки на источники

Связанные уязвимости

CVE-2019-12387

CVSS3: 6.1

ubuntu

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVE-2019-12387

CVSS3: 6.5

redhat

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVE-2019-12387

CVSS3: 6.1

nvd

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVE-2019-12387

CVSS3: 6.1

debian

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URI ...

openSUSE-SU-2019:1760-1

suse-cvrf

больше 6 лет назад

Security update for python-Twisted