Vulnerabilities > Twisted
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-16 | CVE-2019-12855 | Improper Certificate Validation vulnerability in Twisted In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. | 7.4 |
| 2019-06-10 | CVE-2019-12387 | Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | 6.1 |