Medium severity5.4NVD Advisory· Published Jan 15, 2016· Updated Jun 17, 2026
CVE-2015-8688
CVE-2015-8688
Description
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4- osv-coords2 versionspkg:rpm/opensuse/gajim&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/mcabber&distro=openSUSE%20Tumbleweed
< 0.16.6-1.1+ 1 more
- (no CPE)range: < 0.16.6-1.1
- (no CPE)range: < 1.0.4-1.1
Patches
Vulnerability mechanics
References
6- hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLognvdVendor Advisory
- gultsch.de/gajim_roster_push_and_message_interception.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175503.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175526.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-01/msg00027.htmlnvd
- www.debian.org/security/2016/dsa-3492nvd
News mentions
0No linked articles in our index yet.