vulnerability
FreeBSD: (Multiple Advisories) (CVE-2022-45197): Slixmpp -- Lack of SSL Certificate hostname validation in XMLStream
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | Dec 10, 2022 | Apr 14, 2023 | Jan 28, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Dec 10, 2022
Added
Apr 14, 2023
Modified
Jan 28, 2025
Description
Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.
Solution(s)
freebsd-upgrade-package-py310-slixmppfreebsd-upgrade-package-py311-slixmppfreebsd-upgrade-package-py37-slixmppfreebsd-upgrade-package-py38-slixmppfreebsd-upgrade-package-py39-slixmpp
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.