Gajim : Security Vulnerabilities, CVEs, CVSS score >= 6
Gajim 1.2.x and 1.3.x before 1.3.3 allows remote attackers to cause a denial of service (crash) via a crafted XMPP Last Message Correction (XEP-0308) message in multi-user chat, where the message ID equals the correction ID.
Max CVSS
7.5
EPSS Score
0.15%
Published
2021-10-11
Updated
2021-10-19
SQL injection vulnerability in the get_last_conversation_lines function in common/logger.py in Gajim before 0.15 allows remote attackers to execute arbitrary SQL commands via the jig parameter.
Max CVSS
7.5
EPSS Score
0.65%
Published
2012-11-23
Updated
2013-04-19
The exec_command function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute.
Max CVSS
6.8
EPSS Score
2.10%
Published
2012-08-28
Updated
2013-04-19
3 vulnerabilities found