Critical severity9.8GHSA Advisory· Published Sep 25, 2024· Updated Apr 15, 2026
CVE-2024-46957
CVE-2024-46957
Description
Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mellium.im/xmppGo | < 0.22.0 | 0.22.0 |
Affected products
2Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.