CVE-2013-4488
EPSS 0.28%
Description
libgadu before 1.12.0 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers.
How to fix CVE-2013-4488
No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.
- Debian/libgadu—no fix listed
Is CVE-2013-4488 being exploited?
Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0