FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Slixmpp -- Lack of SSL Certificate hostname validation in XMLStream

Affected packages
py310-slixmpp < 1.8.3
py311-slixmpp < 1.8.3
py38-slixmpp < 1.8.3
py39-slixmpp < 1.8.3

Details

VuXML ID f9cfdb00-7f43-11ef-9b27-592d55dd336d
Discovery 2022-12-25
Entry 2024-09-30

NIST reports:

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

[source]

References

CVE Name CVE-2022-45197
URL https://nvd.nist.gov/vuln/detail/CVE-2022-45197

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.