24 matches found
Amazon Linux 2 : pidgin (ALAS-2023-2115)
The version of pidgin installed on the remote host is prior to 2.10.11-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2115 advisory. An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to...
Medium: pidgin
Issue Overview: An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain,...
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2230)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for pidgin (EulerOS-SA-2022-2277)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP5 : pidgin (EulerOS-SA-2022-2277)
According to the versions of the pidgin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious...
EulerOS 2.0 SP8 : pidgin (EulerOS-SA-2022-2230)
According to the versions of the pidgin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious...
Pidgin < 2.14.9 Improper Certificate Validation Vulnerability - Windows
Pidgin is prone to an improper certificate validation vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Pidgin < 2.14.9 Improper Certificate Validation Vulnerability - Mac OS X
Pidgin is prone to an improper certificate validation vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
[SECURITY] [DLA 3043-1] pidgin security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3043-1 [email protected] https://www.debian.org/lts/security/ Andreas Rönnquist June 06, 2022 https://wiki.debian.org/LTS -...
Debian DLA-3043-1 : pidgin - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3043 advisory. An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perfo...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
CVE-2022-26491
CVE-2022-26491 affects Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client to a malicious server, causing the client to verify TLS for the malicious domain instead of the original XMPP service. This can allow the attacker to take over the XMPP connection and ...
CVE-2022-26491
An issue was discovered in Pidgin before 2.14.9. A remote attacker who can spoof DNS responses can redirect a client connection to a malicious server. The client will perform TLS certificate verification of the malicious domain name instead of the original XMPP service domain, allowing the attack...
Mageia: Security Advisory (MGASA-2022-0208)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2022-0208 Updated pidgin packages fix security vulnerability
MITM vulnerability when DNSSEC wasn't used CVE-2022-26491...
SUSE: Security Advisory (SUSE-SU-2022:1693-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for pidgin (SUSE-SU-2022:1665-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:1664-1 Security update for pidgin
This update for pidgin fixes the following issues: - CVE-2022-26491: Fixed MITM vulnerability when DNSSEC wasn't used bsc1199025...