{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98692?format=json","vulnerability_id":"VCID-skgm-b471-pkae","summary":"Prosody before 0.9.4 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an \"xmppbomb\" attack, related to core/portmanager.lua and util/xmppstream.lua.","aliases":[{"alias":"CVE-2014-2745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5264?format=json","purl":"pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/124213?format=json","purl":"pkg:deb/debian/prosody@0.9.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5266?format=json","purl":"pkg:deb/debian/prosody@0.9.7-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2"},{"url":"http://public2.vulnerablecode.io/api/packages/124209?format=json","purl":"pkg:deb/debian/prosody@0.11.9-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3n9x-ukp7-3khs"},{"vulnerability":"VCID-5zvg-gbkm-7fb4"},{"vulnerability":"VCID-9q7k-rudh-fugc"},{"vulnerability":"VCID-wxmn-zer8-afet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.9-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124207?format=json","purl":"pkg:deb/debian/prosody@0.12.3-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.12.3-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124211?format=json","purl":"pkg:deb/debian/prosody@13.0.1-1%2Bdeb131u?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.1-1%252Bdeb131u%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124210?format=json","purl":"pkg:deb/debian/prosody@13.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.6-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5262?format=json","purl":"pkg:deb/debian/prosody@0.7.0-1squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-7zh2-6hq2-e7fn"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qeey-pk5y-abc4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/5263?format=json","purl":"pkg:deb/debian/prosody@0.7.0-1squeeze1%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-7zh2-6hq2-e7fn"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qeey-pk5y-abc4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5264?format=json","purl":"pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/5265?format=json","purl":"pkg:deb/debian/prosody@0.9.4-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.4-1~bpo70%252B1"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2745","reference_id":"","reference_type":"","scores":[{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8466","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84684","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2745"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-skgm-b471-pkae"}