CVE-2026-43504

A flaw was found in Prosody, specifically within the modproxy65 component. When modproxy65 is enabled, it mishandles access control in a paused scenario. This allows an unauthenticated attacker to relay unauthenticated traffic, which can lead to unauthorized data transmission and impact the...

Linux Distros Unpatched Vulnerability : CVE-2026-43505

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access contro...

CVE-2026-43504

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in a paused scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43505

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43505

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in the activation scenario, relaying of unauthenticated traffic can occur...

Prosody 安全漏洞

Prosody is an instant messaging server software from Prosody open source. A security vulnerability exists in Prosody versions prior to 0.12.6 and versions 1.0.0 through 13.0.0 prior to 13.0.5, which stems from improper handling of access control by modproxy65 in a suspend scenario, which could...

openSUSE Security Update : prosody (openSUSE-2021-728)

This update for prosody fixes the following issues : prosody was updated to 0.11.9 : Security : - modlimits, prosody.cfg.lua: Enable rate limits by default - certmanager: Disable renegotiation by default - modproxy65: Restrict access to local c2s connections by default - util.startup: Set more...

openSUSE: Security Advisory for prosody (openSUSE-SU-2021:0728-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

FreeBSD : Prosody -- multiple vulnerabilities (fc75570a-b417-11eb-a23d-c7ab331fd711)

The Prosody security advisory 2021-05-12 reports : This advisory details 5 new security vulnerabilities discovered in the Prosody.im XMPP server software. All issues are fixed in the 0.11.9 release default configuration. - CVE-2021-32918: DoS via insufficient memory consumption controls -...