Lucene search
MitreCVELIST:CVE-2022-24968HistoryFeb 11, 2022 - 6:16 p.m.
CVE-2022-24968
2022-02-1118:16:54
mitre
www.cve.org
In Mellium mellium.im/xmpp through 0.21.0, an attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because the wrong host name is selected during this verification.
Related
osv
osv
Man-in-the-middle attack due to improper validation of certificate in mellium.im/xmpp
2022-07-29 20:00:14
CVE-2022-24968
2022-02-11 22:15:07
cnvd
cnvd
Mellium has unspecified vulnerabilities
2022-02-15 00:00:00
cve
cve
CVE-2022-24968
2022-02-11 22:15:07
CVE-2022-26491
2022-06-02 14:15:40
gitlab
gitlab
TLS certificate validation error
2022-02-12 00:00:00
veracode
veracode
DNS Spoofing
2022-02-17 05:16:34
prion
prion
Design/Logic Flaw
2022-02-11 22:15:00
Design/Logic Flaw
2022-06-02 14:15:00
nvd
nvd
CVE-2022-24968
2022-02-11 22:15:07
CVE-2022-26491
2022-06-02 14:15:40
github
github
nessus
nessus
SUSE SLED15 / SLES15 Security Update : pidgin (SUSE-SU-2022:1693-1)
2022-05-18 00:00:00
SUSE SLED15 / SLES15 Security Update : pidgin (SUSE-SU-2022:1665-1)
2022-05-17 00:00:00
EulerOS 2.0 SP8 : pidgin (EulerOS-SA-2022-2230)
2022-08-17 00:00:00
debiancve
debiancve
CVE-2022-26491
2022-06-02 14:15:40
amazon
amazon
Medium: pidgin
2023-07-05 22:01:00
openvas
openvas
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2230)
2022-08-18 00:00:00
cvelist
cvelist
CVE-2022-26491
2022-05-31 04:25:23
ubuntucve
ubuntucve
CVE-2022-26491
2022-06-02 00:00:00
alpinelinux
alpinelinux
CVE-2022-26491
2022-06-02 14:15:40