Gajim · Gajim · CVE-2012-5524
**Name of the Vulnerable Software and Affected Versions**
Gajim versions prior to 0.15.3
**Description**
The issue allows remote attackers to conduct man-in-the-middle (MITM) attacks and spoof servers via an arbitrary certificate from a trusted CA, due to improper verification of SSL certificates by the `_ssl_verify_callback` function in `tls_nb.py`.
**Recommendations**
For versions prior to 0.15.3, update to version 0.15.3 or later to resolve the issue. As a temporary workaround, consider disabling the `_ssl_verify_callback` function until a patch is available. Restrict access to sensitive resources to minimize the risk of exploitation.
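The description says a certificate from any trusted CA was enough to spoof a server, so a valid chain alone does not establish who the peer is. As an added example (not Gajim's code and not part of the original advisory), this Python code shows the second check a client needs, binding the certificate to the expected XMPP domain. The function names and sample certificates are constructed, and the certificate dicts assume the shape returned by `ssl.SSLSocket.getpeercert()`.

```python
# Added example, not Gajim's code. Certificate dicts use the shape returned by
# ssl.SSLSocket.getpeercert(); every name below is constructed sample data.

def hostname_matches(pattern, hostname):
    """RFC 6125-style match: a wildcard is only valid as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or not all(h):
        return False
    if p[0] == "*":
        # The wildcard covers exactly one label and must not span a bare TLD.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h

def cert_names(cert):
    """DNS names from subjectAltName; use commonName only when no DNS SAN exists."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def verify_peer(chain_ok, cert, expected_domain):
    """Accept only if the chain validated AND the cert names the expected domain.

    For XMPP the expected domain is the domain part of the user's JID,
    not whatever host the connection happened to reach.
    """
    if not chain_ok:
        return False, "chain validation failed"
    names = cert_names(cert)
    if any(hostname_matches(n, expected_domain) for n in names):
        return True, "ok"
    return False, "certificate is for %s, not %s" % (names, expected_domain)

# Constructed: a certificate a trusted CA legitimately issued for another domain.
OTHER_SITE_CERT = {
    "subject": ((("commonName", "other.example"),),),
    "subjectAltName": (("DNS", "other.example"), ("DNS", "*.other.example")),
}
# Constructed: the certificate of the server the user actually intends to reach.
XMPP_CERT = {"subjectAltName": (("DNS", "jabber.example"),)}

if __name__ == "__main__":
    print(verify_peer(True, OTHER_SITE_CERT, "jabber.example"))  # rejected
    print(verify_peer(True, XMPP_CERT, "jabber.example"))        # accepted
```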