VDB

GCVE-110-MAGEIA-2015-50

GCVE-110-MAGEIA-2015-50
Advisory Published
Vulnetix · Advisory published February 5, 2015
HexChat did not verify that the server hostname matched the domain name in the subject's Common Name (CN) or subjectAltName field in X.509 certificates. This could allow a man-in-the-middle attacker to spoof an SSL server if they had a certificate that was valid for any domain name.

Affected Products

VendorProductVersionsPlatforms
Mageiahexchat0 (affected), 0 (affected), 2.9.6.1-3.1.mga4 (unaffected), 2.9.6.1-3.1.mga4 (unaffected)
Mageiadrakxtools0 (affected), 16.26.14-1.mga4 (unaffected)

Browse GCVE Records

73,118 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›