In Twisted prior to 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an malicious user to inject invalid characters such as CRLF.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
twistedmatrix twisted |
||
fedoraproject fedora 29 |
||
canonical ubuntu linux 18.04 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 19.10 |
||
canonical ubuntu linux 16.04 |
||
oracle solaris 11 |
||
oracle zfs storage appliance kit 8.8 |