CVE-2012-5524
EPSS 0.20%發布日:2014/2/8修改日:2026/4/28
描述
The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA.
受影響套件(1)
- Debian/gajimfrom 0, < 0.15.4-1