VDB

GCVE-110-MAGEIA-2013-170

GCVE-110-MAGEIA-2013-170
Advisory Published
Vulnetix · Advisory published June 18, 2013
Maksim Otstavnov discovered that the Wocky submodule used by telepathy-gabble does not respect the tls-required flag on legacy Jabber servers. A network intermediary could use this vulnerability to bypass TLS verification and perform a man-in-the-middle attack.

Affected Products

VendorProductVersionsPlatforms
Mageiatelepathy-gabble0 (affected), 0.16.6-1.mga2 (unaffected)
Mageiatelepathy-gabble0 (affected), 0.17.4-1.mga3 (unaffected)

Browse GCVE Records

73,280 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›