rpm package
opensuse/mcabber&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/mcabber&distro=openSUSE%20Tumbleweed
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-5589 | Med | 5.9 | < 1.1.2-1.1 | 1.1.2-1.1 | Feb 9, 2017 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for yaxim an | |
| CVE-2015-8688 | Med | 5.4 | < 1.0.4-1.1 | 1.0.4-1.1 | Jan 15, 2016 | Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza. |
- affected < 1.1.2-1.1fixed 1.1.2-1.1
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for yaxim an
- affected < 1.0.4-1.1fixed 1.0.4-1.1
Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.