CVE-2019-12387

Опубликовано: 10 июн. 2019

Источник: ubuntu

Приоритет: low

CVSS2: 4.3

CVSS3: 6.1

Описание

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

Релиз	Статус	Примечание
bionic	released	17.9.0-2ubuntu0.1
cosmic	ignored	end of life
devel	released	18.9.0-6ubuntu1
disco	ignored	end of life
eoan	released	18.9.0-3ubuntu1.1
esm-infra-legacy/trusty	released	13.2.0-1ubuntu1.2+esm1
esm-infra/bionic	released	17.9.0-2ubuntu0.1
esm-infra/xenial	released	16.0.0-1ubuntu0.4
precise/esm	not-affected	code not present
trusty	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
disco	DNE
eoan	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE
upstream	needs-triage

Показывать по

Ссылки на источники

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2019-12387

CVSS3: 6.5

redhat

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVE-2019-12387

CVSS3: 6.1

nvd

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVE-2019-12387

CVSS3: 6.1

debian

больше 6 лет назад

In Twisted before 19.2.1, twisted.web did not validate or sanitize URI ...

openSUSE-SU-2019:1760-1

suse-cvrf

больше 6 лет назад

Security update for python-Twisted

SUSE-SU-2019:2066-1

suse-cvrf

больше 6 лет назад

Security update for python-Twisted

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2019-12387

Описание

Пакет twisted

Пакет twisted-py3

Ссылки на источники

Связанные уязвимости