EPSS
Percentile
78.1%
Affected versions of gajim allow remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza.
This has been fixed in squeeze-lts by version 0.13.4-3+squeeze4.
www.debian.org/lts/security/2016/dla-413