Описание
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 1.8.3-1build1 |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage | |
| esm-apps/noble | not-affected | 1.8.3-1build1 |
| focal | ignored | end of standard support, was needs-triage |
| jammy | needs-triage | |
| kinetic | ignored | end of life, was needs-triage |
| lunar | ignored | end of life, was needs-triage |
Показывать по
10
EPSS
Процентиль: 35%
0.00139
Низкий
7.5 High
CVSS3
Связанные уязвимости
CVSS3: 7.5
nvd
около 3 лет назад
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
CVSS3: 7.5
debian
около 3 лет назад
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLS ...
CVSS3: 7.5
github
около 3 лет назад
Slixmpp lacks SSL Certificate hostname validation in XMLStream
EPSS
Процентиль: 35%
0.00139
Низкий
7.5 High
CVSS3