PT-2019-20146 — Twisted Matrix Laboratories Twisted

PT-2019-20146 · Twisted Matrix Laboratories · Twisted

Published

2019-06-16

Updated

2019-06-16

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Twisted versions prior to 19.2.1

Description The issue concerns the XMPP support in Twisted, which failed to verify certificates when used with TLS. This allowed an attacker to perform a man-in-the-middle (MITM) attack on connections.

Recommendations For versions prior to 19.2.1, update to version 19.2.1 or later to resolve the issue.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

PYSEC-2019-59

Affected Products

Twisted