{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/98693?format=json","vulnerability_id":"VCID-yk2e-qwmd-r3hb","summary":"The generate_dialback function in the mod_dialback module in Prosody before 0.9.10 does not properly separate fields when generating dialback keys, which allows remote attackers to spoof XMPP network domains via a crafted stream id and domain name that is included in the target domain as a suffix.","aliases":[{"alias":"CVE-2016-0756"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5264?format=json","purl":"pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/5267?format=json","purl":"pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2%252Bdeb8u4"},{"url":"http://public2.vulnerablecode.io/api/packages/124214?format=json","purl":"pkg:deb/debian/prosody@0.9.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5268?format=json","purl":"pkg:deb/debian/prosody@0.9.12-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-v8a7-whdt-8yec"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.12-1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/124209?format=json","purl":"pkg:deb/debian/prosody@0.11.9-2%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3n9x-ukp7-3khs"},{"vulnerability":"VCID-5zvg-gbkm-7fb4"},{"vulnerability":"VCID-9q7k-rudh-fugc"},{"vulnerability":"VCID-wxmn-zer8-afet"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.11.9-2%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124207?format=json","purl":"pkg:deb/debian/prosody@0.12.3-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.12.3-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124211?format=json","purl":"pkg:deb/debian/prosody@13.0.1-1%2Bdeb131u?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.1-1%252Bdeb131u%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/124210?format=json","purl":"pkg:deb/debian/prosody@13.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@13.0.6-1%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5262?format=json","purl":"pkg:deb/debian/prosody@0.7.0-1squeeze1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-7zh2-6hq2-e7fn"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qeey-pk5y-abc4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1"},{"url":"http://public2.vulnerablecode.io/api/packages/5263?format=json","purl":"pkg:deb/debian/prosody@0.7.0-1squeeze1%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-7zh2-6hq2-e7fn"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qeey-pk5y-abc4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.7.0-1squeeze1%252Bdeb6u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5264?format=json","purl":"pkg:deb/debian/prosody@0.8.2-4%2Bdeb7u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.8.2-4%252Bdeb7u4"},{"url":"http://public2.vulnerablecode.io/api/packages/5265?format=json","purl":"pkg:deb/debian/prosody@0.9.4-1~bpo70%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-skgm-b471-pkae"},{"vulnerability":"VCID-te5t-7g5g-h3h1"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.4-1~bpo70%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/5266?format=json","purl":"pkg:deb/debian/prosody@0.9.7-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2"},{"url":"http://public2.vulnerablecode.io/api/packages/5267?format=json","purl":"pkg:deb/debian/prosody@0.9.7-2%2Bdeb8u4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5zqs-z9sd-2kap"},{"vulnerability":"VCID-6jkq-68jn-vbf6"},{"vulnerability":"VCID-7gng-znmd-fybz"},{"vulnerability":"VCID-9fun-u67v-ukeg"},{"vulnerability":"VCID-9hnj-qfwy-t7bz"},{"vulnerability":"VCID-ape7-wbd4-f3fa"},{"vulnerability":"VCID-bvnn-cwwk-5ug8"},{"vulnerability":"VCID-d3u6-29xv-d3d7"},{"vulnerability":"VCID-dqgn-tvzm-nyhq"},{"vulnerability":"VCID-pf8t-h7qr-zke4"},{"vulnerability":"VCID-qzwt-bgty-3bfr"},{"vulnerability":"VCID-r361-cy8g-z7b3"},{"vulnerability":"VCID-v8a7-whdt-8yec"},{"vulnerability":"VCID-yk2e-qwmd-r3hb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/prosody@0.9.7-2%252Bdeb8u4"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0756","reference_id":"","reference_type":"","scores":[{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.7201","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.72051","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00681","scoring_system":"epss","scoring_elements":"0.72058","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0756"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0756","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0756"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2e-qwmd-r3hb"}