Medium severity5.4NVD Advisory· Published Jan 15, 2016· Updated May 6, 2026
CVE-2015-8688
CVE-2015-8688
Description
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- hg.gajim.org/gajim/file/gajim-0.16.5/ChangeLognvdVendor Advisory
- gultsch.de/gajim_roster_push_and_message_interception.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175503.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2016-January/175526.htmlnvd
- lists.opensuse.org/opensuse-updates/2016-01/msg00027.htmlnvd
- www.debian.org/security/2016/dsa-3492nvd
News mentions
0No linked articles in our index yet.