CVE-2022-45197
7.5HIGHSlixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
게시됨: 12/25/2022업데이트됨: 4/14/2025
설명
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
AI 분석AI 기반
영향받는 제품
slixmpp_projectslixmpp
참조
- https://github.com/poezio/slixmpp/commits/master/slixmpp/xmlstream/xmlstream.pyPatchThird Party Advisory
- https://github.com/poezio/slixmpp/tagsThird Party Advisory
- https://lab.louiz.org/poezio/slixmpp/-/commit/b60b1b985db928532f97c4f61d6fbc801f0aa7faPatchThird Party Advisory
- https://lab.louiz.org/poezio/slixmpp/-/commits/masterPatchThird Party Advisory
- https://security.gentoo.org/glsa/202305-07
- https://github.com/poezio/slixmpp/commits/master/slixmpp/xmlstream/xmlstream.pyPatchThird Party Advisory
- https://github.com/poezio/slixmpp/tagsThird Party Advisory
- https://lab.louiz.org/poezio/slixmpp/-/commit/b60b1b985db928532f97c4f61d6fbc801f0aa7faPatchThird Party Advisory
- https://lab.louiz.org/poezio/slixmpp/-/commits/masterPatchThird Party Advisory
- https://security.gentoo.org/glsa/202305-07