View | Details | Raw Unified | Return to bug 257597
Collapse All | Expand All

(-)b/security/vuxml/vuln-2021.xml (+28 lines)
Lines 1-3 Link Here
1
  <vuln vid="5ef14250-f47c-11eb-8f13-5b4de959822e">
2
    <topic>Prosody -- Remote Information Disclosure</topic>
3
    <affects>
4
      <package>
5
	<name>prosody</name>
6
	<range><lt>0.11.10</lt></range>
7
      </package>
8
    </affects>
9
    <description>
10
      <body xmlns="http://www.w3.org/1999/xhtml">
11
	<p>A Prosody XMPP server advisory reports:</p>
12
	<blockquote cite="https://prosody.im/security/advisory_20210722/">
13
	<p>It was discovered that Prosody allows any entity to access the list of
14
	admins, members, owners and banned entities of any federated XMPP group chat
15
	of which they know the address.</p>
16
	</blockquote>
17
      </body>
18
    </description>
19
    <references>
20
      <cvename>CVE-2021-37601</cvename>
21
      <url>https://prosody.im/security/advisory_20210722/</url>
22
    </references>
23
    <dates>
24
      <discovery>2021-07-22</discovery>
25
      <entry>2021-08-03</entry>
26
    </dates>
27
  </vuln>
28
1
  <vuln vid="b1aa54ae-74cb-42a0-b462-cbb6831c5c50">
29
  <vuln vid="b1aa54ae-74cb-42a0-b462-cbb6831c5c50">
2
    <topic>RabbitMQ -- Denial of Service in AMQP1.0 plugin</topic>
30
    <topic>RabbitMQ -- Denial of Service in AMQP1.0 plugin</topic>
3
    <affects>
31
    <affects>

Return to bug 257597