{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201952?format=json","vulnerability_id":"VCID-hejc-x63q-dfaw","summary":"jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.","aliases":[{"alias":"CVE-2011-1755"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/48255?format=json","purl":"pkg:deb/debian/jabberd2@2.2.8-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jabberd2@2.2.8-2.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48249?format=json","purl":"pkg:deb/debian/jabberd2@2.7.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jabberd2@2.7.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48247?format=json","purl":"pkg:deb/debian/jabberd2@2.7.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jabberd2@2.7.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48251?format=json","purl":"pkg:deb/debian/jabberd2@2.7.0-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jabberd2@2.7.0-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/48250?format=json","purl":"pkg:deb/debian/jabberd2@2.7.0-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/jabberd2@2.7.0-10%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/367962?format=json","purl":"pkg:rpm/redhat/jabberd@2.2.8-12?arch=el5sat","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-hejc-x63q-dfaw"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jabberd@2.2.8-12%3Farch=el5sat"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1755.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1755.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1755","reference_id":"","reference_type":"","scores":[{"value":"0.08459","scoring_system":"epss","scoring_elements":"0.92539","published_at":"2026-06-11T12:55:00Z"},{"value":"0.08459","scoring_system":"epss","scoring_elements":"0.92565","published_at":"2026-06-12T12:55:00Z"},{"value":"0.08459","scoring_system":"epss","scoring_elements":"0.92568","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1755"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1755"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=700390","reference_id":"700390","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=700390"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0881","reference_id":"RHSA-2011:0881","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0881"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0882","reference_id":"RHSA-2011:0882","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0882"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.1","risk_score":0.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hejc-x63q-dfaw"}