VYPR

Sleekxmpp

by Slixmpp Project

pypi: sleekxmpp

Source repositories

CVEs (2)

  • CVE-2017-5591MedFeb 9, 2017
    risk 0.31cvss 5.9epss 0.01

    An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for…

  • CVE-2019-1000021Feb 4, 2019
    risk 0.00cvss epss 0.02

    slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all…