Lucene search
Veracode Vulnerability DatabaseVERACODE:34259HistoryFeb 17, 2022 - 5:16 a.m.
DNS Spoofing
2022-02-1705:16:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
0.001 Low
EPSS
Percentile
34.3%
mellium.im/xmpp is vulnerable to DNS spoofing. The vulnerability exists due to a lack of verification of the host name allowing an attacker to potentially deceive the user with a malicious DNS ID because the library does not properly verify TLS certification.
| CPE | Name | Operator | Version |
|---|---|---|---|
| mellium.im/xmpp | le | v0.21.0 | |
| mellium.im/xmpp | le | v0.21.0 |
Related
cnvd
cnvd
Mellium has unspecified vulnerabilities
2022-02-15 00:00:00
osv
osv
Man-in-the-middle attack due to improper validation of certificate in mellium.im/xmpp
2022-07-29 20:00:14
CVE-2022-24968
2022-02-11 22:15:07
cvelist
cvelist
CVE-2022-24968
2022-02-11 18:16:54
CVE-2022-26491
2022-05-31 04:25:23
cve
cve
CVE-2022-24968
2022-02-11 22:15:07
CVE-2022-26491
2022-06-02 14:15:40
gitlab
gitlab
TLS certificate validation error
2022-02-12 00:00:00
prion
prion
Design/Logic Flaw
2022-02-11 22:15:00
Design/Logic Flaw
2022-06-02 14:15:00
nvd
nvd
CVE-2022-24968
2022-02-11 22:15:07
CVE-2022-26491
2022-06-02 14:15:40
github
github
nessus
nessus
SUSE SLED15 / SLES15 Security Update : pidgin (SUSE-SU-2022:1693-1)
2022-05-18 00:00:00
SUSE SLED15 / SLES15 Security Update : pidgin (SUSE-SU-2022:1665-1)
2022-05-17 00:00:00
Debian DLA-3043-1 : pidgin - LTS security update
2022-06-06 00:00:00
debiancve
debiancve
CVE-2022-26491
2022-06-02 14:15:40
ubuntucve
ubuntucve
CVE-2022-26491
2022-06-02 00:00:00
alpinelinux
alpinelinux
CVE-2022-26491
2022-06-02 14:15:40
amazon
amazon
Medium: pidgin
2023-07-05 22:01:00
openvas
openvas
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2230)
2022-08-18 00:00:00