Vulnerabilities > Gajim > Gajim > 0.8.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-27 | CVE-2022-39835 | Unspecified vulnerability in Gajim An issue was discovered in Gajim through 1.4.7. | 5.3 |
| 2017-05-28 | CVE-2016-10376 | Cryptographic Issues vulnerability in Gajim Gajim through 0.16.7 unconditionally implements the "XEP-0146: Remote Controlling Clients" extension. | 3.5 |
| 2016-01-15 | CVE-2015-8688 | Improper Input Validation vulnerability in Gajim Gajim before 0.16.5 allows remote attackers to modify the roster and intercept messages via a crafted roster-push IQ stanza. | 5.8 |
| 2014-02-08 | CVE-2012-5524 | Improper Input Validation vulnerability in Gajim The _ssl_verify_callback function in tls_nb.py in Gajim before 0.15.3 does not properly verify SSL certificates, which allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA. | 4.3 |
| 2012-11-23 | CVE-2012-2086 | SQL Injection vulnerability in Gajim SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter. | 7.5 |
| 2012-08-28 | CVE-2012-2085 | Code Injection vulnerability in Gajim The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute. | 6.8 |