Prosody prior to 0.8.1 does not properly detect recursion during entity expansion, which allows remote malicious users to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
prosody prosody 0.6.1 |
||
prosody prosody 0.5.1 |
||
prosody prosody 0.2.0 |
||
prosody prosody 0.1.0 |
||
prosody prosody 0.7 |
||
prosody prosody 0.6 |
||
prosody prosody 0.4.2 |
||
prosody prosody 0.4.1 |
||
prosody prosody 0.7.0 |
||
prosody prosody 0.6.0 |
||
prosody prosody 0.4.0 |
||
prosody prosody 0.3.0 |
||
prosody prosody 0.8 |
||
prosody prosody 0.5.0 |
||
prosody prosody 0.5.2 |
||
prosody prosody |
Vulmon