CVE 2019-12387
In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.
See the 
CVE page on Mitre.org
for more details.
Launchpad.net
References
- CONFIRM: https://github.com/twi...
- CONFIRM: https://labs.twistedma...
- CONFIRM: https://twistedmatrix....
- SUSE: openSUSE-SU-2019:1760
- SUSE: openSUSE-SU-2019:1785
- FEDORA: FEDORA-2019-b67877d7c2
- UBUNTU: USN-4308-1
- UBUNTU: USN-4308-2
- MISC: https://www.oracle.com...
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
1b1ed1a
(Get the code!)