Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2011-2205HistoryJun 22, 2011 - 9:55 p.m.
CVE-2011-2205
2011-06-2221:55:00
Debian Security Bug Tracker
security-tracker.debian.org
13
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.024 Low
EPSS
Percentile
89.8%
Prosody before 0.8.1 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | prosody | < 0.7.0-1 | prosody_0.7.0-1_all.deb |
| Debian | 11 | all | prosody | < 0.7.0-1 | prosody_0.7.0-1_all.deb |
| Debian | 10 | all | prosody | < 0.7.0-1 | prosody_0.7.0-1_all.deb |
| Debian | 999 | all | prosody | < 0.7.0-1 | prosody_0.7.0-1_all.deb |
| Debian | 13 | all | prosody | < 0.7.0-1 | prosody_0.7.0-1_all.deb |
Related
cve
cve
prion
prion
Code injection
2011-06-22 21:55:00
Cross site scripting
2014-12-15 18:59:00
Code injection
2011-10-06 10:55:00
ubuntucve
ubuntucve
nessus
nessus
EulerOS 2.0 SP8 : qt (EulerOS-SA-2020-1299)
2020-03-23 00:00:00
EulerOS 2.0 SP5 : qt (EulerOS-SA-2020-1323)
2020-03-23 00:00:00
EulerOS 2.0 SP3 : qt (EulerOS-SA-2020-1431)
2020-04-15 00:00:00
debiancve
debiancve
openvas
openvas
Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2020-1323)
2020-03-24 00:00:00
Huawei EulerOS: Security Advisory for qt (EulerOS-SA-2020-1669)
2020-06-16 00:00:00
CentOS Update for libxml2 CESA-2008:0886-01 centos2 i386
2009-02-27 00:00:00
freebsd
freebsd
ejabberd -- remote denial of service vulnerability
2011-04-27 00:00:00
osv
osv
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
CVE-2017-18640
2019-12-12 03:15:10
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:53:01
github
github
SnakeYAML Entity Expansion during load operation
2021-06-04 21:37:45
JBossWS vulnerable to uncontrolled recursion
2022-05-13 01:39:29
redhat
redhat
(RHSA-2008:0886) Important: libxml2 security update
2008-09-11 00:00:00
centos
centos
libxml2 security update
2008-09-12 01:23:56
redhatcve
redhatcve
CVE-2017-18640
2020-04-08 21:02:33
securityvulns
securityvulns
[ MDVSA-2009:221 ] libneon0.27
2009-08-25 00:00:00
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.024 Low
EPSS
Percentile
89.8%
Related for DEBIANCVE:CVE-2011-2205