jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
6.6AI Score
0.014EPSS
Buffer overflow in the C2S module in the open source Jabber 2.x server (Jabberd) allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long username.
8.2AI Score
0.09EPSS
Jenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
8.8CVSS
8.6AI Score
0.003EPSS