CVE-2024-46957

Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.
Configurations

No configuration.

History

26 Sep 2024, 16:15

Type Values Removed Values Added
Summary (en) Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing because the stanza type is not checked. This is fixed in 0.22.0. (en) Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) Mellium mellium.im/xmpp 0.0.1 a 0.21.4 permite la suplantación de respuestas porque no se verifica el tipo de stanza. Esto se solucionó en 0.22.0.

25 Sep 2024, 01:37

Type Values Removed Values Added
CWE CWE-290
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

25 Sep 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 01:15

Updated : 2024-09-26 16:15


NVD link : CVE-2024-46957

Mitre link : CVE-2024-46957

CVE.ORG link : CVE-2024-46957


JSON object : View

Products Affected

No product.

CWE
CWE-290

Authentication Bypass by Spoofing