Lucene search
HistoryApr 11, 2014 - 1:55 a.m.
CVE-2014-2829
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.5
Confidence
High
EPSS
0.005
Percentile
77.0%
Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an “xmppbomb” attack.
Affected configurations
Node
erlang-solutionsmongooseimRange≤1.3.1rev2
ORerlang-solutionsmongooseimMatch1.2.1
ORerlang-solutionsmongooseimMatch1.2.2
ORerlang-solutionsmongooseimMatch1.3.0
ORerlang-solutionsmongooseimMatch1.3.1-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| erlang-solutions | mongooseim | * | cpe:2.3:a:erlang-solutions:mongooseim:*:rev2:*:*:*:*:*:* |
| erlang-solutions | mongooseim | 1.2.1 | cpe:2.3:a:erlang-solutions:mongooseim:1.2.1:*:*:*:*:*:*:* |
| erlang-solutions | mongooseim | 1.2.2 | cpe:2.3:a:erlang-solutions:mongooseim:1.2.2:*:*:*:*:*:*:* |
| erlang-solutions | mongooseim | 1.3.0 | cpe:2.3:a:erlang-solutions:mongooseim:1.3.0:*:*:*:*:*:*:* |
| erlang-solutions | mongooseim | 1.3.1 | cpe:2.3:a:erlang-solutions:mongooseim:1.3.1:-:*:*:*:*:*:* |
Related
github
github
cve
cve
CVE-2014-2829
2014-04-11 01:55:07
cvelist
cvelist
CVE-2014-2829
2014-04-11 01:00:00
osv
osv
prion
prion
Code injection
2014-04-11 01:55:00
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.5
Confidence
High
EPSS
0.005
Percentile
77.0%
Related for NVD:CVE-2014-2829