Описание
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 17.9.0-2ubuntu0.1 |
| cosmic | ignored | end of life |
| devel | released | 18.9.0-6ubuntu1 |
| disco | ignored | end of life |
| eoan | released | 18.9.0-3ubuntu1.1 |
| esm-infra-legacy/trusty | released | 13.2.0-1ubuntu1.2+esm1 |
| esm-infra/bionic | released | 17.9.0-2ubuntu0.1 |
| esm-infra/xenial | released | 16.0.0-1ubuntu0.4 |
| precise/esm | not-affected | code not present |
| trusty | ignored | end of standard support |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
| trusty/esm | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
5.8 Medium
CVSS2
7.4 High
CVSS3
Связанные уязвимости
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS, allowing an attacker to MITM connections.
In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP su ...
EPSS
5.8 Medium
CVSS2
7.4 High
CVSS3