{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2017-5591","title":"Title"},{"category":"description","text":"An incorrect implementation of \"XEP-0280: Message Carbons\" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for SleekXMPP up to 1.3.1 and Slixmpp all versions up to 1.2.3, as bundled in poezio (0.8 - 0.10) and other products.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2017-5591","url":"https://www.suse.com/security/cve/CVE-2017-5591"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1024697 for CVE-2017-5591","url":"https://bugzilla.suse.com/1024697"},{"category":"external","summary":"SUSE Bug 1024736 for CVE-2017-5591","url":"https://bugzilla.suse.com/1024736"}],"title":"SUSE CVE CVE-2017-5591","tracking":{"current_release_date":"2025-02-18T07:53:55Z","generator":{"date":"2023-02-15T04:49:55Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2017-5591","initial_release_date":"2023-02-15T04:49:55Z","revision_history":[{"date":"2023-02-15T04:49:55Z","number":"2","summary":"Current version"},{"date":"2025-01-01T09:10:00Z","number":"3","summary":"Current version"},{"date":"2025-02-18T07:53:55Z","number":"4","summary":"Current version"}],"status":"interim","version":"4"}}}