Mandriva Linux Security Advisory 2009-025 - The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates. Pidgin 2.4.1 suffers from a denial of service issue. The UPnP functionality in Pidgin 2.0.0 suffers from a denial of service issue and an arbitrary file download vulnerability.
7c3e00ac8e2df1bc834ced81c5a9f3e08019d886ea3b288d1d0b0c578e40aec0