Known Vulnerabilities for products from Jabberd2
Listed below are 6 of the newest known vulnerabilities associated with the vendor "Jabberd2".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2017-18226 json | The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might all... | 5.5 - MEDIUM | 2018-03-12 | 2019-10-03 |
| CVE-2017-18225 json | The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-... | 7.8 - HIGH | 2018-03-12 | 2019-10-03 |
| CVE-2017-10807 json | JabberD 2.x (aka jabberd2) before 2.6.1 allows anyone to authenticate using SASL ANONYMOUS, even when the sasl.anonymous c2s.... | 9.8 - CRITICAL | 2017-07-04 | 2017-11-04 |
| CVE-2015-2058 json | c2s/c2s.c in Jabber Open Source Server 2.3.2 and earlier truncates data without ensuring it remains valid UTF-8, which allows... | 6.5 - MEDIUM | 2015-08-12 | 2016-11-30 |
| CVE-2012-3525 json | s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which ... | 5.8 - MEDIUM | 2012-08-25 | 2023-02-13 |
| CVE-2011-1755 json | jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a d... | 7.5 - HIGH | 2011-06-21 | 2024-02-02 |
Known software with vulnerabilities from Jabberd2
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Jabberd2 | Jabberd2 | 2.1 |