[SECURITY] Fedora 42 Update: prosody-13.0.5-1.fc42

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 43 Update: prosody-13.0.5-1.fc43

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

[SECURITY] Fedora 44 Update: prosody-13.0.5-1.fc44

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

Fedora 42 : prosody (2026-1efa008794)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-1efa008794 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...

Fedora 44 : prosody (2026-2947986ad6)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-2947986ad6 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...

Fedora 43 : prosody (2026-36c53b9ca8)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-36c53b9ca8 advisory. Prosody 13.0.5 Upstream is pleased to announce a new minor release from their stable branch. This is a security release for the Prosody 13.0.x stabl...

[SECURITY] [DSA 6252-1] prosody security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6252-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 07, 2026 https://www.debian.org/security/faq -...

Debian dsa-6252 : prosody - security update

The remote Debian 12 / 13 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-6252 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6252-1 [email protected]...

CVE-2026-43506

A flaw was found in Prosody. A remote, unauthenticated attacker can exploit this vulnerability by establishing connections that lead to memory leaks. This can cause memory exhaustion, resulting in a Denial of Service DoS for the affected system...

CVE-2026-43505

A flaw was found in Prosody, specifically within the modproxy65 module when enabled. This vulnerability arises from modproxy65 mishandling access control during the activation process. A remote attacker could exploit this flaw to relay unauthenticated traffic, potentially leading to unauthorized...

CVE-2026-43507

A flaw was found in Prosody. An unauthenticated remote attacker can exploit this vulnerability by sending specially crafted XML data, leading to excessive memory consumption. This memory exhaustion can cause a Denial of Service DoS, making the service unavailable to legitimate users...

CVE-2026-43504

A flaw was found in Prosody, specifically within the modproxy65 component. When modproxy65 is enabled, it mishandles access control in a paused scenario. This allows an unauthenticated attacker to relay unauthenticated traffic, which can lead to unauthorized data transmission and impact the...

Linux Distros Unpatched Vulnerability : CVE-2026-43505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access contro...

Linux Distros Unpatched Vulnerability : CVE-2026-43504

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access contro...

Linux Distros Unpatched Vulnerability : CVE-2026-43506

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory...

FreeBSD : Prosody XMPP server advisory 2026-04-29 (a420f545-442c-11f1-b9b5-589cfc0dc9a2)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a420f545-442c-11f1-b9b5-589cfc0dc9a2 advisory. The Prosody team reports: Traffic patterns were discovered which can cause Prosody to consume excessive...

Linux Distros Unpatched Vulnerability : CVE-2026-43507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by XML parsi...

CVE-2026-43506

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections...

CVE-2026-43504

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in a paused scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43505

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur...