VulnerableCode Package Details - pkg:apk/alpine/py3-twisted@19.7.0-r0?arch=armv7&distroversion=edge&reponame=community

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:apk/alpine/py3-twisted@19.7.0-r0?arch=armv7&distroversion=edge&reponame=community

purl	pkg:apk/alpine/py3-twisted@19.7.0-r0?arch=armv7&distroversion=edge&reponame=community

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-szfx-665h-w3eb	In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.	CVE-2019-12855 GHSA-65rm-h285-5cc5 PYSEC-2019-129
VCID-zx5n-czhy-6qgu	In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.	CVE-2019-12387 GHSA-6cc5-2vg4-cc7m PYSEC-2019-128

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-01T19:14:58.070313+00:00	Alpine Linux Importer	Fixing	VCID-szfx-665h-w3eb	https://secdb.alpinelinux.org/edge/community.json	38.0.0
2026-04-01T18:52:27.186757+00:00	Alpine Linux Importer	Fixing	VCID-zx5n-czhy-6qgu	https://secdb.alpinelinux.org/edge/community.json	38.0.0