Vulnerabilities > Twistedmatrix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-16 | CVE-2019-12855 | Improper Certificate Validation vulnerability in Twistedmatrix Twisted 11.0.0 In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections. | 7.4 |
| 2019-06-10 | CVE-2019-12387 | Injection vulnerability in multiple products In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF. | 6.1 |
| 2017-07-17 | CVE-2017-1000007 | Improper Certificate Validation vulnerability in Twistedmatrix Txaws txAWS (all current versions) fail to perform complete certificate verification resulting in vulnerability to MitM attacks and information disclosure. | 5.9 |