Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/98692?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/98692?format=api", "vulnerability_id": "VCID-skgm-b471-pkae", "summary": "Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an \"xmppbomb\" attack, related to core/portmanager.lua and util/xmppstream.lua.", "aliases": [ { "alias": "CVE-2014-2745" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5264?format=api", "purl": "pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-skgm-b471-pkae" }, { "vulnerability": "VCID-te5t-7g5g-h3h1" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/124213?format=api", "purl": "pkg:deb/debian/prosody@0.9.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/5266?format=api", "purl": "pkg:deb/debian/prosody@0.9.7-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/124209?format=api", "purl": "pkg:deb/debian/prosody@0.11.9-2%2Bdeb11u2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3n9x-ukp7-3khs" }, { "vulnerability": "VCID-5zvg-gbkm-7fb4" }, { "vulnerability": "VCID-9q7k-rudh-fugc" }, { "vulnerability": "VCID-wxmn-zer8-afet" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.9-2%252Bdeb11u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/124207?format=api", "purl": "pkg:deb/debian/prosody@0.12.3-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.12.3-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/124211?format=api", "purl": "pkg:deb/debian/prosody@13.0.1-1%2Bdeb131u?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.1-1%252Bdeb131u%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/124210?format=api", "purl": "pkg:deb/debian/prosody@13.0.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.6-1%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5262?format=api", "purl": "pkg:deb/debian/prosody@0.7.0-1squeeze1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-7zh2-6hq2-e7fn" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qeey-pk5y-abc4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-skgm-b471-pkae" }, { "vulnerability": "VCID-te5t-7g5g-h3h1" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1" }, { "url": "http://public2.vulnerablecode.io/api/packages/5263?format=api", "purl": "pkg:deb/debian/prosody@0.7.0-1squeeze1%2Bdeb6u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-7zh2-6hq2-e7fn" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qeey-pk5y-abc4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-skgm-b471-pkae" }, { "vulnerability": "VCID-te5t-7g5g-h3h1" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1%252Bdeb6u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/5264?format=api", "purl": "pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-skgm-b471-pkae" }, { "vulnerability": "VCID-te5t-7g5g-h3h1" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/5265?format=api", "purl": "pkg:deb/debian/prosody@0.9.4-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-6jkq-68jn-vbf6" }, { "vulnerability": "VCID-7gng-znmd-fybz" }, { "vulnerability": "VCID-9fun-u67v-ukeg" }, { "vulnerability": "VCID-9hnj-qfwy-t7bz" }, { "vulnerability": "VCID-ape7-wbd4-f3fa" }, { "vulnerability": "VCID-bvnn-cwwk-5ug8" }, { "vulnerability": "VCID-d3u6-29xv-d3d7" }, { "vulnerability": "VCID-dqgn-tvzm-nyhq" }, { "vulnerability": "VCID-pf8t-h7qr-zke4" }, { "vulnerability": "VCID-qzwt-bgty-3bfr" }, { "vulnerability": "VCID-r361-cy8g-z7b3" }, { "vulnerability": "VCID-skgm-b471-pkae" }, { "vulnerability": "VCID-te5t-7g5g-h3h1" }, { "vulnerability": "VCID-v8a7-whdt-8yec" }, { "vulnerability": "VCID-yk2e-qwmd-r3hb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.4-1~bpo70%252B1" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2745", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.8466", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02179", "scoring_system": "epss", "scoring_elements": "0.84684", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745" } ], "weaknesses": [], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skgm-b471-pkae" }