VulnerableCode Package Details - pkg:deb/debian/mcabber@0.10.1-3

Search for packages

Vulnerability	Summary	Fixed by
VCID-d79u-7k2v-4qd4 Aliases: CVE-2016-9928	MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.	1.0.4-1.1 Affected by 0 other vulnerabilities.
VCID-hdb9-p8sz-tfg9 Aliases: CVE-2017-5604	An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4.	1.0.4-1.1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-d79u-7k2v-4qd4
Aliases:
CVE-2016-9928

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.

1.0.4-1.1
Affected by 0 other vulnerabilities.

VCID-hdb9-p8sz-tfg9
Aliases:
CVE-2017-5604

An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4.

1.0.4-1.1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:18:48.126644+00:00	Debian Oval Importer	Affected by	VCID-hdb9-p8sz-tfg9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:32:08.554434+00:00	Debian Oval Importer	Affected by	VCID-d79u-7k2v-4qd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T23:52:26.312448+00:00	Debian Oval Importer	Affected by	VCID-hdb9-p8sz-tfg9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:14:56.677583+00:00	Debian Oval Importer	Affected by	VCID-d79u-7k2v-4qd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T23:24:23.476837+00:00	Debian Oval Importer	Affected by	VCID-hdb9-p8sz-tfg9	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T18:58:54.385813+00:00	Debian Oval Importer	Affected by	VCID-d79u-7k2v-4qd4	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0