xmpp

package module

Versions in this module

v0
Apr 7, 2022
Feb 11, 2022
Feb 8, 2022 GO-2021-0321, GO-2022-0370
Alert GO-2021-0321: An attacker capable of spoofing DNS TXT records can redirect a WebSocket connection request to a server under their control without causing TLS certificate verification to fail. This occurs because the wrong host name is selected during this verification.
Alert GO-2022-0370: WebSocket client connections are vulnerable to man-in-the-middle attacks via DNS spoofing. When looking up a WSS endpoint using a DNS TXT record, the server TLS certificate is incorrectly validated using the name of the server returned by the TXT record request, not the name of the server being connected to. This permits any attacker that can spoof a DNS record to redirect the user to a server of their choosing. Providing a *tls.Config with a ServerName field set to the correct destination hostname will avoid this issue.
Sep 26, 2021 GO-2021-0321, GO-2022-0370
May 2, 2021 GO-2021-0321, GO-2022-0370
Feb 14, 2021 GO-2021-0321, GO-2022-0370
Nov 21, 2020 GO-2021-0321, GO-2022-0370
Nov 11, 2020 GO-2021-0321, GO-2022-0370
Mar 8, 2020 GO-2021-0321, GO-2022-0370
Feb 28, 2020 GO-2021-0321, GO-2022-0370
Aug 18, 2019 GO-2021-0321, GO-2022-0370
Jul 28, 2019 GO-2021-0321, GO-2022-0370
Jul 18, 2019 GO-2021-0321, GO-2022-0370
Jun 22, 2019 GO-2021-0321, GO-2022-0370
Jun 18, 2019 GO-2021-0321, GO-2022-0370
Jun 11, 2019 GO-2021-0321, GO-2022-0370
Aug 25, 2018 GO-2021-0321, GO-2022-0370
Aug 22, 2018 GO-2021-0321, GO-2022-0370
Aug 20, 2018 GO-2021-0321, GO-2022-0370
Aug 19, 2018 GO-2021-0321, GO-2022-0370
Aug 17, 2018 GO-2021-0321, GO-2022-0370
Changes in this version
type StreamConfig
Aug 16, 2018 GO-2021-0321, GO-2022-0370
Aug 6, 2018 GO-2021-0321, GO-2022-0370
Aug 2, 2018 GO-2021-0321, GO-2022-0370
Mar 1, 2018 GO-2021-0321, GO-2022-0370
Oct 7, 2017 GO-2021-0321, GO-2022-0370
Oct 2, 2017 GO-2021-0321, GO-2022-0370
Sep 24, 2017 GO-2021-0321, GO-2022-0370
