Headline
GHSA-q6cq-m9gm-6q2f: Slixmpp lacks SSL Certificate hostname validation in XMLStream
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
Slixmpp lacks SSL Certificate hostname validation in XMLStream
Moderate severity GitHub Reviewed Published Dec 25, 2022 • Updated Dec 30, 2022
Related news
CVE-2022-45197: History for slixmpp/xmlstream/xmlstream.py - poezio/slixmpp
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.