FLAT-PX1P7 – Vulnerability | Fluid Attacks Database

Database

Description

libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version
debian 12	libgadu	=1:1.12.2-6 \|\| =1:1.12.2-6.1 \|\| =1:1.12.2-6.1~exp1 \|\| =1:1.12.2-7
debian 14	libgadu	=1:1.12.2-6.1 \|\| =1:1.12.2-7
debian 11	libgadu	=1:1.12.2-5 \|\| =1:1.12.2-6 \|\| =1:1.12.2-6.1 \|\| =1:1.12.2-6.1~exp1 \|\| =1:1.12.2-7
debian 13	libgadu	=1:1.12.2-6.1 \|\| =1:1.12.2-7

Aliases

1. CVE-2013-44882. NVD-2013-44883. OSV-DEBIAN-2013-44884. OSV-2013-44885. SECURITY-TRACKER-CVE-2013-4488