Libgadu: Security Vulnerabilities
libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.
CVSS Score
4.3
EPSS Score
0.003
Published
2014-10-10
libgadu before 1.11.4 and 1.12.0 before 1.12.0-rc3, as used in Pidgin and other products, allows remote Gadu-Gadu file relay servers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted message.
CVSS Score
7.5
EPSS Score
0.015
Published
2014-05-22