FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
93db4f92-9997-4f4f-8614-3963d9e2b0ec	py-slixmpp -- incomplete SSL certificate validation Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. Discovery 2022-12-25 Entry 2023-04-09 py37-slixmpp py38-slixmpp py39-slixmpp py310-slixmpp py311-slixmpp < 1.8.3 CVE-2022-45197 https://osv.dev/vulnerability/GHSA-q6cq-m9gm-6q2f
f9cfdb00-7f43-11ef-9b27-592d55dd336d	Slixmpp -- Lack of SSL Certificate hostname validation in XMLStream NIST reports: Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp. Discovery 2022-12-25 Entry 2024-09-30 py38-slixmpp py39-slixmpp py310-slixmpp py311-slixmpp < 1.8.3 CVE-2022-45197 https://nvd.nist.gov/vuln/detail/CVE-2022-45197

VuXML ID

Description

93db4f92-9997-4f4f-8614-3963d9e2b0ec

py-slixmpp -- incomplete SSL certificate validation

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

Discovery 2022-12-25
Entry 2023-04-09
py37-slixmpp
py38-slixmpp
py39-slixmpp
py310-slixmpp
py311-slixmpp

< 1.8.3

CVE-2022-45197
https://osv.dev/vulnerability/GHSA-q6cq-m9gm-6q2f

Slixmpp -- Lack of SSL Certificate hostname validation in XMLStream

NIST reports:

Slixmpp before 1.8.3 lacks SSL Certificate hostname validation in XMLStream, allowing an attacker to pose as any server in the eyes of Slixmpp.

Discovery 2022-12-25
Entry 2024-09-30
py38-slixmpp
py39-slixmpp
py310-slixmpp
py311-slixmpp

< 1.8.3

CVE-2022-45197
https://nvd.nist.gov/vuln/detail/CVE-2022-45197