mellium.im/xmpp is vulnerable to DNS spoofing. The vulnerability exists due to a lack of verification of the host name allowing an attacker to potentially deceive the user with a malicious DNS ID because the library does not properly verify TLS certification.
CPE | Name | Operator | Version |
---|---|---|---|
mellium.im/xmpp | le | v0.21.0 | |
mellium.im/xmpp | le | v0.21.0 |