CVE-2022-45197

Опубликовано: 25 дек. 2022

Источник: debian

Описание

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

Пакет	Статус	Версия исправления	Релиз	Тип
slixmpp	fixed	1.8.3-1		package
slixmpp	no-dsa		bullseye	package
slixmpp	no-dsa		buster	package

https://lab.louiz.org/poezio/slixmpp/-/commit/b60b1b985db928532f97c4f61d6fbc801f0aa7fa (slix-1.8.3)

CVE-2022-45197

CVSS3: 7.5

ubuntu

около 3 лет назад

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

CVE-2022-45197

CVSS3: 7.5

nvd

около 3 лет назад

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

openSUSE-SU-2022:10242-1

suse-cvrf

около 3 лет назад

Security update for python-slixmpp

openSUSE-SU-2022:10241-1

suse-cvrf

около 3 лет назад

Security update for python-slixmpp

GHSA-q6cq-m9gm-6q2f

CVSS3: 7.5

github

около 3 лет назад

Slixmpp lacks SSL Certificate hostname validation in XMLStream