{"url":"http://public2.vulnerablecode.io/api/packages/941614?format=json","purl":"pkg:deb/debian/twisted@18.9.0-7?distro=trixie","type":"deb","namespace":"debian","name":"twisted","version":"18.9.0-7","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"20.3.0-7+deb11u2","latest_non_vulnerable_version":"26.4.0-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6047?format=json","vulnerability_id":"VCID-7d7z-nhf1-kyhc","summary":"In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10109.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10109","reference_id":"","reference_type":"","scores":[{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87768","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87736","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87726","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87708","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87692","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87678","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87671","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87654","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87657","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87656","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87641","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87644","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87649","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87637","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87631","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87609","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87595","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87586","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03518","scoring_system":"epss","scoring_elements":"0.87723","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-p5xh-vx83-mxcj","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-p5xh-vx83-mxcj"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2020-260.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2020-260.yaml"},{"reference_url":"https://github.com/twisted/twisted","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted"},{"reference_url":"https://github.com/twisted/twisted/blob/6ff2c40e42416c83203422ff70dfc49d2681c8e2/NEWS.rst#twisted-2030-2020-03-13","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/blob/6ff2c40e42416c83203422ff70dfc49d2681c8e2/NEWS.rst#twisted-2030-2020-03-13"},{"reference_url":"https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281"},{"reference_url":"https://know.bishopfox.com/advisories","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://know.bishopfox.com/advisories"},{"reference_url":"https://know.bishopfox.com/advisories/twisted-version-19.10.0","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://know.bishopfox.com/advisories/twisted-version-19.10.0"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10109","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10109"},{"reference_url":"https://security.gentoo.org/glsa/202007-24","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202007-24"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://usn.ubuntu.com/4308-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-1/"},{"reference_url":"https://usn.ubuntu.com/4308-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-2"},{"reference_url":"https://usn.ubuntu.com/4308-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-2/"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813447","reference_id":"1813447","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813447"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953950","reference_id":"953950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953950"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1561","reference_id":"RHSA-2020:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1561"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941614?format=json","purl":"pkg:deb/debian/twisted@18.9.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@18.9.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941610?format=json","purl":"pkg:deb/debian/twisted@20.3.0-7%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@20.3.0-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941608?format=json","purl":"pkg:deb/debian/twisted@22.4.0-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@22.4.0-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941612?format=json","purl":"pkg:deb/debian/twisted@24.11.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@24.11.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941611?format=json","purl":"pkg:deb/debian/twisted@25.5.0-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@25.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112592?format=json","purl":"pkg:deb/debian/twisted@26.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@26.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10109","GHSA-p5xh-vx83-mxcj","PYSEC-2020-260"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7d7z-nhf1-kyhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5895?format=json","vulnerability_id":"VCID-szfx-665h-w3eb","summary":"In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00013.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00013.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00028.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00028.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12855.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12855","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70803","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70804","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70794","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70741","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70763","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70757","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70712","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70727","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70744","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70721","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70705","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.7066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70682","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70663","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70648","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.7091","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70829","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70864","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70827","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70787","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70857","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12855"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-65rm-h285-5cc5","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-65rm-h285-5cc5"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2019-129.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2019-129.yaml"},{"reference_url":"https://github.com/twisted/twisted","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted"},{"reference_url":"https://github.com/twisted/twisted/pull/1147","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/pull/1147"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PLTZDMFBNFSJMBXYJNGJHENJA4H2TSMZ/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12855","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12855"},{"reference_url":"https://twistedmatrix.com/trac/ticket/9561","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://twistedmatrix.com/trac/ticket/9561"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://usn.ubuntu.com/4308-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-1/"},{"reference_url":"https://usn.ubuntu.com/4308-2","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-2"},{"reference_url":"https://usn.ubuntu.com/4308-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-2/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"9.1","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728206","reference_id":"1728206","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1728206"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930626","reference_id":"930626","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930626"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941614?format=json","purl":"pkg:deb/debian/twisted@18.9.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@18.9.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941610?format=json","purl":"pkg:deb/debian/twisted@20.3.0-7%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@20.3.0-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941608?format=json","purl":"pkg:deb/debian/twisted@22.4.0-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@22.4.0-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941612?format=json","purl":"pkg:deb/debian/twisted@24.11.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@24.11.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941611?format=json","purl":"pkg:deb/debian/twisted@25.5.0-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@25.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112592?format=json","purl":"pkg:deb/debian/twisted@26.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@26.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12855","GHSA-65rm-h285-5cc5","PYSEC-2019-129"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szfx-665h-w3eb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6046?format=json","vulnerability_id":"VCID-vcw1-fzw7-43f5","summary":"In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10108.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10108","reference_id":"","reference_type":"","scores":[{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87562","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87383","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87392","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87407","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87425","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87432","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87444","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87439","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87435","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.8745","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87453","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87449","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87465","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87472","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87486","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87527","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87513","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87501","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03411","scoring_system":"epss","scoring_elements":"0.87519","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-h96w-mmrf-2h6v","reference_id":"","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h96w-mmrf-2h6v"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2020-259.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2020-259.yaml"},{"reference_url":"https://github.com/twisted/twisted","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted"},{"reference_url":"https://github.com/twisted/twisted/blob/6ff2c40e42416c83203422ff70dfc49d2681c8e2/NEWS.rst#twisted-2030-2020-03-13","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/blob/6ff2c40e42416c83203422ff70dfc49d2681c8e2/NEWS.rst#twisted-2030-2020-03-13"},{"reference_url":"https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281"},{"reference_url":"https://know.bishopfox.com/advisories","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://know.bishopfox.com/advisories"},{"reference_url":"https://know.bishopfox.com/advisories/twisted-version-19.10.0","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://know.bishopfox.com/advisories/twisted-version-19.10.0"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.debian.org/debian-lts-announce/2022/02/msg00021.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6ISMZFZBWW4EV6ETJGXAYIXN3AT7GBPL/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YW3NIL7VXSGJND2Q4BSXM3CFTAFU6T7D/"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10108","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-10108"},{"reference_url":"https://security.gentoo.org/glsa/202007-24","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/202007-24"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://usn.ubuntu.com/4308-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-1/"},{"reference_url":"https://usn.ubuntu.com/4308-2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-2"},{"reference_url":"https://usn.ubuntu.com/4308-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-2/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuoct2020.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuoct2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813439","reference_id":"1813439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1813439"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953950","reference_id":"953950","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953950"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:twisted:twisted:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1561","reference_id":"RHSA-2020:1561","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1962","reference_id":"RHSA-2020:1962","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1962"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941614?format=json","purl":"pkg:deb/debian/twisted@18.9.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@18.9.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941610?format=json","purl":"pkg:deb/debian/twisted@20.3.0-7%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@20.3.0-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941608?format=json","purl":"pkg:deb/debian/twisted@22.4.0-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@22.4.0-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941612?format=json","purl":"pkg:deb/debian/twisted@24.11.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@24.11.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941611?format=json","purl":"pkg:deb/debian/twisted@25.5.0-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@25.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112592?format=json","purl":"pkg:deb/debian/twisted@26.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@26.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2020-10108","GHSA-h96w-mmrf-2h6v","PYSEC-2020-259"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vcw1-fzw7-43f5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5894?format=json","vulnerability_id":"VCID-zx5n-czhy-6qgu","summary":"In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00030.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00042.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00042.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12387.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12387.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12387","reference_id":"","reference_type":"","scores":[{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66905","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66908","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66895","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66871","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.67017","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.6693","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66958","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66918","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66876","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66886","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66867","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66853","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66831","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66807","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66768","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66953","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.6684","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00521","scoring_system":"epss","scoring_elements":"0.66873","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-12387"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12387","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12387"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/advisories/GHSA-6cc5-2vg4-cc7m","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-6cc5-2vg4-cc7m"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2019-128.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/twisted/PYSEC-2019-128.yaml"},{"reference_url":"https://github.com/twisted/twisted","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted"},{"reference_url":"https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2"},{"reference_url":"https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://labs.twistedmatrix.com/2019/06/twisted-1921-released.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2G5RPDQ4BNB336HL6WW5ZJ344MAWNN7N/"},{"reference_url":"https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://twistedmatrix.com/pipermail/twisted-python/2019-June/032352.html"},{"reference_url":"https://usn.ubuntu.com/4308-1","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-1"},{"reference_url":"https://usn.ubuntu.com/4308-1/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-1/"},{"reference_url":"https://usn.ubuntu.com/4308-2","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://usn.ubuntu.com/4308-2"},{"reference_url":"https://usn.ubuntu.com/4308-2/","reference_id":"","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4308-2/"},{"reference_url":"https://www.oracle.com/security-alerts/cpuapr2020.html","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.oracle.com/security-alerts/cpuapr2020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1719501","reference_id":"1719501","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1719501"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930389","reference_id":"930389","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=930389"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12387","reference_id":"CVE-2019-12387","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-12387"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1091","reference_id":"RHSA-2020:1091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1091"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/941614?format=json","purl":"pkg:deb/debian/twisted@18.9.0-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@18.9.0-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941610?format=json","purl":"pkg:deb/debian/twisted@20.3.0-7%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@20.3.0-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941608?format=json","purl":"pkg:deb/debian/twisted@22.4.0-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@22.4.0-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941612?format=json","purl":"pkg:deb/debian/twisted@24.11.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@24.11.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941611?format=json","purl":"pkg:deb/debian/twisted@25.5.0-5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1v9e-4k92-5bbg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@25.5.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1112592?format=json","purl":"pkg:deb/debian/twisted@26.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@26.4.0-1%3Fdistro=trixie"}],"aliases":["CVE-2019-12387","GHSA-6cc5-2vg4-cc7m","PYSEC-2019-128"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zx5n-czhy-6qgu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/twisted@18.9.0-7%3Fdistro=trixie"}