Package impact
PyPI / slixmpp
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5591 | medium | 5.9 | 5.9 | 9y ago | An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This… | |||
| CVE-2022-45197 | unknown | — | — | 4y ago | Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. | |||
| CVE-2019-1000021 | unknown | — | — | 4y ago | slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options pr… |