Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
Typedeb
Namespacedebian
Nameprosody
Version0.8.2-4+deb7u4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.11.2-1+deb10u4
Latest_non_vulnerable_version0.12.3-1+deb12u1
Affected_by_vulnerabilities
0
url VCID-9hnj-qfwy-t7bz
vulnerability_id VCID-9hnj-qfwy-t7bz
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32918
reference_id
reference_type
scores
0
value 0.04269
scoring_system epss
scoring_elements 0.89017
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32918
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
reference_id 988668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
7
reference_url https://security.archlinux.org/ASA-202105-11
reference_id ASA-202105-11
reference_type
scores
url https://security.archlinux.org/ASA-202105-11
8
reference_url https://security.archlinux.org/AVG-1955
reference_id AVG-1955
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1955
fixed_packages
0
url pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
purl pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.2-1%252Bdeb10u4
aliases CVE-2021-32918
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9hnj-qfwy-t7bz
1
url VCID-ape7-wbd4-f3fa
vulnerability_id VCID-ape7-wbd4-f3fa
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32917
reference_id
reference_type
scores
0
value 0.04407
scoring_system epss
scoring_elements 0.89196
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32917
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
reference_id 988668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
7
reference_url https://security.archlinux.org/ASA-202105-11
reference_id ASA-202105-11
reference_type
scores
url https://security.archlinux.org/ASA-202105-11
8
reference_url https://security.archlinux.org/AVG-1955
reference_id AVG-1955
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1955
fixed_packages
0
url pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
purl pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.2-1%252Bdeb10u4
aliases CVE-2021-32917
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ape7-wbd4-f3fa
2
url VCID-bvnn-cwwk-5ug8
vulnerability_id VCID-bvnn-cwwk-5ug8
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32919
reference_id
reference_type
scores
0
value 0.00344
scoring_system epss
scoring_elements 0.57222
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32919
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
reference_id 988668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
7
reference_url https://security.archlinux.org/ASA-202105-11
reference_id ASA-202105-11
reference_type
scores
url https://security.archlinux.org/ASA-202105-11
8
reference_url https://security.archlinux.org/AVG-1955
reference_id AVG-1955
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1955
fixed_packages
0
url pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
purl pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.2-1%252Bdeb10u4
aliases CVE-2021-32919
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvnn-cwwk-5ug8
3
url VCID-qzwt-bgty-3bfr
vulnerability_id VCID-qzwt-bgty-3bfr
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32920
reference_id
reference_type
scores
0
value 0.06773
scoring_system epss
scoring_elements 0.91465
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32920
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
reference_id 988668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
7
reference_url https://security.archlinux.org/ASA-202105-11
reference_id ASA-202105-11
reference_type
scores
url https://security.archlinux.org/ASA-202105-11
8
reference_url https://security.archlinux.org/AVG-1955
reference_id AVG-1955
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1955
fixed_packages
0
url pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
purl pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.2-1%252Bdeb10u4
aliases CVE-2021-32920
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qzwt-bgty-3bfr
4
url VCID-r361-cy8g-z7b3
vulnerability_id VCID-r361-cy8g-z7b3
summary The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1232
reference_id
reference_type
scores
0
value 0.00708
scoring_system epss
scoring_elements 0.72571
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1232
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
fixed_packages
0
url pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4
purl pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2%252Bdeb8u4
aliases CVE-2016-1232
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r361-cy8g-z7b3
5
url VCID-v8a7-whdt-8yec
vulnerability_id VCID-v8a7-whdt-8yec
summary multiple issues
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-32921
reference_id
reference_type
scores
0
value 0.04627
scoring_system epss
scoring_elements 0.89459
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-32921
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32917
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32918
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32919
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32920
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32921
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
reference_id 988668
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988668
7
reference_url https://security.archlinux.org/ASA-202105-11
reference_id ASA-202105-11
reference_type
scores
url https://security.archlinux.org/ASA-202105-11
8
reference_url https://security.archlinux.org/AVG-1955
reference_id AVG-1955
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-1955
fixed_packages
0
url pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
purl pkg:deb/debian/prosody@0.11.2-1%2Bdeb10u4
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.2-1%252Bdeb10u4
aliases CVE-2021-32921
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v8a7-whdt-8yec
Fixing_vulnerabilities
0
url VCID-9fun-u67v-ukeg
vulnerability_id VCID-9fun-u67v-ukeg
summary Directory traversal vulnerability in the HTTP file-serving module (mod_http_files) in Prosody 0.9.x before 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) in an unspecified path.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1231
reference_id
reference_type
scores
0
value 0.00741
scoring_system epss
scoring_elements 0.73324
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1231
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
fixed_packages
0
url pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
purl pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-r361-cy8g-z7b3
5
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4
aliases CVE-2016-1231
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9fun-u67v-ukeg
1
url VCID-r361-cy8g-z7b3
vulnerability_id VCID-r361-cy8g-z7b3
summary The mod_dialback module in Prosody before 0.9.9 does not properly generate random values for the secret token for server-to-server dialback authentication, which makes it easier for attackers to spoof servers via a brute force attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1232
reference_id
reference_type
scores
0
value 0.00708
scoring_system epss
scoring_elements 0.72571
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1232
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1231
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1232
fixed_packages
0
url pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
purl pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-r361-cy8g-z7b3
5
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4
1
url pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4
purl pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2%252Bdeb8u4
aliases CVE-2016-1232
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r361-cy8g-z7b3
2
url VCID-skgm-b471-pkae
vulnerability_id VCID-skgm-b471-pkae
summary Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack, related to core/portmanager.lua and util/xmppstream.lua.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2745
reference_id
reference_type
scores
0
value 0.02179
scoring_system epss
scoring_elements 0.8466
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2745
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745
fixed_packages
0
url pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
purl pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-r361-cy8g-z7b3
5
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4
aliases CVE-2014-2745
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-skgm-b471-pkae
3
url VCID-te5t-7g5g-h3h1
vulnerability_id VCID-te5t-7g5g-h3h1
summary plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightwitch Metronome through 3.4 negotiates stream compression while a session is unauthenticated, which allows remote attackers to cause a denial of service (resource consumption) via compressed XML elements in an XMPP stream, aka an "xmppbomb" attack.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2744
reference_id
reference_type
scores
0
value 0.02179
scoring_system epss
scoring_elements 0.8466
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2744
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745
fixed_packages
0
url pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
purl pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-r361-cy8g-z7b3
5
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4
aliases CVE-2014-2744
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-te5t-7g5g-h3h1
4
url VCID-yk2e-qwmd-r3hb
vulnerability_id VCID-yk2e-qwmd-r3hb
summary The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0756
reference_id
reference_type
scores
0
value 0.00681
scoring_system epss
scoring_elements 0.7201
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0756
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0756
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0756
fixed_packages
0
url pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
purl pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9hnj-qfwy-t7bz
1
vulnerability VCID-ape7-wbd4-f3fa
2
vulnerability VCID-bvnn-cwwk-5ug8
3
vulnerability VCID-qzwt-bgty-3bfr
4
vulnerability VCID-r361-cy8g-z7b3
5
vulnerability VCID-v8a7-whdt-8yec
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4
aliases CVE-2016-0756
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2e-qwmd-r3hb
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4