Approved changes feed: RSS · Atom

cpe:2.3:a:aioxmpp_project:aioxmpp:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAioxmpp Project (e7e3a301-05eb-5011-b201-07f1f30dc7b0)
ProductAioxmpp (44dc9169-c037-5423-8f10-5b15d8dcdb97)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/python-aioxmpp purl2cpe 2026-06-01 10:18:12.085941
pkg:deb/ubuntu/python-aioxmpp purl2cpe 2026-06-01 10:18:12.085945
pkg:docker/pypi/aioxmpp purl2cpe 2026-06-01 10:18:12.085948
pkg:github/horazont/aioxmpp purl2cpe 2026-06-01 10:18:12.085952
pkg:pypi/aioxmpp purl2cpe 2026-06-01 10:18:12.085955
pkg:rpm/opensuse/python-aioxmpp purl2cpe 2026-06-01 10:18:12.085958

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2019-1000007 vulnerable 2026-06-08 05:12:21.339065 Details available
aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other. This attack appears to be exploitable via Remote. A crafted stanza can be sent to an application which uses the vulnerable components to either inject data in a different context or cause the application to reconnect (potentially losing data). This vulnerability appears to have been fixed in 0.10.3.
Published: 2019-02-04T21:00:00.000Z
Updated: 2024-08-05T03:00:19.220Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.