|Max CVSS||5.0||Min CVSS||2.1||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
cipher.c in the Cipher API in libpurple in Pidgin before 2.7.10 retains encryption-key data in process memory, which might allow local users to obtain sensitive information by reading a core file or other representation of memory contents.
|19-09-2017 - 01:34||08-08-2012 - 10:26|
The XMPP protocol plugin in libpurple in Pidgin before 2.10.1 does not properly handle missing fields in (1) voice-chat and (2) video-chat stanzas, which allows remote attackers to cause a denial of service (application crash) via a crafted message.
|19-09-2017 - 01:34||17-12-2011 - 03:54|