Known Vulnerabilities for products from Jabberd2
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Jabberd2".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2017-18226 | The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might all... | 5.5 - MEDIUM | 2018-03-12 | 2019-10-03 |
| CVE-2017-18225 | The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-... | 7.8 - HIGH | 2018-03-12 | 2019-10-03 |
| CVE-2017-10807 | JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.... | 9.8 - CRITICAL | 2017-07-04 | 2017-11-04 |
| CVE-2015-2058 | c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows... | 6.5 - MEDIUM | 2015-08-12 | 2016-11-30 |
| CVE-2012-3525 | s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which ... | 5.8 - MEDIUM | 2012-08-25 | 2023-02-13 |
| CVE-2011-1755 | jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a d... | 7.5 - HIGH | 2011-06-21 | 2024-02-02 |
Known software with vulnerabilities from Jabberd2
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Jabberd2 | Jabberd2 | 2.1 |