rpm package
opensuse/python-slixmpp&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/python-slixmpp&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-45197 | — | < 1.8.6-1.1 | 1.8.6-1.1 | Dec 25, 2022 | Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. | ||
| CVE-2019-1000021 | — | < 1.8.5-1.2 | 1.8.5-1.2 | Feb 4, 2019 | slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all | ||
| CVE-2017-5589 | Med | 5.9 | < 1.8.5-1.2 | 1.8.5-1.2 | Feb 9, 2017 | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for yaxim an |
- CVE-2022-45197Dec 25, 2022affected < 1.8.6-1.1fixed 1.8.6-1.1
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
- CVE-2019-1000021Feb 4, 2019affected < 1.8.5-1.2fixed 1.8.5-1.2
slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all
- affected < 1.8.5-1.2fixed 1.8.5-1.2
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for yaxim an