CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2205

Prosody before 0.8.1 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.016

EPSS Ranking 81.0%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2011-2205

Prosody » Prosody » Version: N/A

cpe:2.3:a:prosody:prosody:-
Prosody » Prosody » Version: 0.1.0

cpe:2.3:a:prosody:prosody:0.1.0
Prosody » Prosody » Version: 0.2.0

cpe:2.3:a:prosody:prosody:0.2.0
Prosody » Prosody » Version: 0.3.0

cpe:2.3:a:prosody:prosody:0.3.0
Prosody » Prosody » Version: 0.4.0

cpe:2.3:a:prosody:prosody:0.4.0
Prosody » Prosody » Version: 0.4.1

cpe:2.3:a:prosody:prosody:0.4.1
Prosody » Prosody » Version: 0.4.2

cpe:2.3:a:prosody:prosody:0.4.2
Prosody » Prosody » Version: 0.5.0

cpe:2.3:a:prosody:prosody:0.5.0
Prosody » Prosody » Version: 0.5.1

cpe:2.3:a:prosody:prosody:0.5.1
Prosody » Prosody » Version: 0.5.2

cpe:2.3:a:prosody:prosody:0.5.2
Prosody » Prosody » Version: 0.6

cpe:2.3:a:prosody:prosody:0.6
Prosody » Prosody » Version: 0.6.0

cpe:2.3:a:prosody:prosody:0.6.0
Prosody » Prosody » Version: 0.6.1

cpe:2.3:a:prosody:prosody:0.6.1
Prosody » Prosody » Version: 0.6.2

cpe:2.3:a:prosody:prosody:0.6.2
Prosody » Prosody » Version: 0.7

cpe:2.3:a:prosody:prosody:0.7
Prosody » Prosody » Version: 0.7.0

cpe:2.3:a:prosody:prosody:0.7.0
Prosody » Prosody » Version: 0.8

cpe:2.3:a:prosody:prosody:0.8
Prosody » Prosody » Version: 0.8.0

cpe:2.3:a:prosody:prosody:0.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2205

Products

Pricing

Contact Us