FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fc75570a-b417-11eb-a23d-c7ab331fd711	Prosody -- multiple vulnerabilities The Prosody security advisory 2021-05-12 reports: This advisory details 5 new security vulnerabilities discovered in the Prosody.im XMPP server software. All issues are fixed in the 0.11.9 release default configuration. CVE-2021-32918: DoS via insufficient memory consumption controls CVE-2021-32920: DoS via repeated TLS renegotiation causing excessive CPU consumption CVE-2021-32921: Use of timing-dependent string comparison with sensitive values CVE-2021-32917: Use of mod_proxy65 is unrestricted in default configuration CVE-2021-32919: Undocumented dialback-without-dialback option insecure Discovery 2021-05-12 Entry 2021-05-13 prosody < 0.11.9 CVE-2021-32918 CVE-2021-32920 CVE-2021-32921 CVE-2021-32917 CVE-2021-32919

VuXML ID

Description

fc75570a-b417-11eb-a23d-c7ab331fd711

Prosody -- multiple vulnerabilities

The Prosody security advisory 2021-05-12 reports:

This advisory details 5 new security vulnerabilities discovered in the Prosody.im XMPP server software. All issues are fixed in the 0.11.9 release default configuration.

CVE-2021-32918: DoS via insufficient memory consumption controls

CVE-2021-32920: DoS via repeated TLS renegotiation causing excessive CPU consumption

CVE-2021-32921: Use of timing-dependent string comparison with sensitive values

CVE-2021-32917: Use of mod_proxy65 is unrestricted in default configuration

CVE-2021-32919: Undocumented dialback-without-dialback option insecure

Discovery 2021-05-12
Entry 2021-05-13
prosody

< 0.11.9

CVE-2021-32918
CVE-2021-32920
CVE-2021-32921
CVE-2021-32917
CVE-2021-32919