Debian/jabberd2 — 7 CVEs

CRITICAL9.8CVE-2017-10807jabberd2 - security update

from 0, < 2.6.1-1

CRITICAL9.8CVE-2017-10807jabberd2 - security update

from 0, < 2.4.0-3+deb9u1

HIGH7.5CVE-2011-1755jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of servi…

from 0, < 2.2.8-2.1

MEDIUM5.5The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users…

from 0

—c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows remote authen…

from 0, < 2.3.3-1

—s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote…

from 0, < 2.2.17-1

—The SASL negotiation in Jabber Studio jabberd before 2.0s11 allows remote attackers to cause a denial of service ("c2s segfault") by sendin…

from 0, < 2.0s11-1

pkg:Debian/jabberd2

✅ Check your installed version

All known vulnerabilities