CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Twisted: >> Twisted Security Vulnerabilities

CVE-2019-12855

In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.

CVSS Score

7.4

EPSS Score

0.005

Published

2019-06-16

CVE-2019-12387

In Twisted before 19.2.1, twisted.web did not validate or sanitize URIs or HTTP methods, allowing an attacker to inject invalid characters such as CRLF.

CVSS Score

6.1

EPSS Score

0.009

Published

2019-06-10

Page 2

Vulnerabilities

Vulnerable Software

Twisted: >> Twisted Security Vulnerabilities

Products

Pricing

Contact Us