Vulnerabilities > Profanity Project

DATE CVE VULNERABILITY TITLE RISK
2022-09-18 CVE-2022-40769 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Profanity Project Profanity
profanity through 1.60 has only four billion possible RNG initializations.
network
low complexity
profanity-project CWE-338
7.5
2017-02-09 CVE-2017-5592 Origin Validation Error vulnerability in Profanity Project Profanity 0.4.7/0.5.0
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display.
network
high complexity
profanity-project CWE-346
5.9