Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0.
References
Configurations
No configuration.
History
26 Sep 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Mellium mellium.im/xmpp 0.0.1 through 0.21.4 allows response spoofing if the implementation uses predictable IDs because the stanza type is not checked. This is fixed in 0.22.0. |
26 Sep 2024, 13:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Sep 2024, 01:37
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-290 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
25 Sep 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-25 01:15
Updated : 2024-09-26 16:15
NVD link : CVE-2024-46957
Mitre link : CVE-2024-46957
CVE.ORG link : CVE-2024-46957
JSON object : View
Products Affected
No product.
CWE
CWE-290
Authentication Bypass by Spoofing