[SECURITY] Fedora 42 Update: prosody-13.0.5-1.fc42

Prosody is a flexible communications server for Jabber/XMPP written in Lua. It aims to be easy to use, and light on resources. For developers it aims to be easy to extend and give a flexible system on which to rapidly develop added functionality, or prototype new protocols...

Prosody XMPP server advisory 2026-04-29

The Prosody team reports: Traffic patterns were discovered which can cause Prosody to consume excessive amounts of memory with much smaller amounts of incoming traffic. This traffic can be sent by unauthenticated connections. It was discovered that modproxy65’s access control was broken and...

Prosodical Thoughts Prosody安全漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A security vulnerability exists in Prosodical Thoughts Prosody due to improper validation of untrusted XML data. A remote attacker could send specially crafted data to the affected...

The vulnerability of the Prosody server for Jabber/XMPP, related to a resource management mechanism error, allows attackers to trigger a service failure.

The vulnerability of the Prosody Jabber/XMPP server is related to a bug in the resource management mechanism. Exploiting this vulnerability allows a malicious actor to cause service failures...

The vulnerability of the `dialback_without_dialback` option in the `mod_dialback` module of the Prosody Jabber/XMPP server is related to authentication process errors, allowing attackers to access confidential data.

The vulnerability of the dialbackwithoutdialback option in the moddialback module of the Prosody Jabber/XMPP server is related to incorrect authentication of certificates from the remote server. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data...

The vulnerability of the Prosody Jabber/XMPP server lies in the simultaneous execution using a shared resource with incorrect synchronization, allowing an attacker to gain access to confidential data.

The vulnerability of the Prosody Jabber/XMPP server is related to the use of an algorithm with non-persistent execution time for comparing secret strings. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data...

The vulnerability of the proxy65 component of the Jabber/XMPP Prosody server, related to the absence of an authentication mechanism, allows attackers to trigger a service failure.

The vulnerability of the proxy65 component of the Jabber/XMPP Prosody server lies in the fact that it is configured with open access by default. Exploiting this vulnerability allows a remote attacker to cause a service failure...

The vulnerability of the Prosody server for Jabber/XMPP, related to a resource management mechanism error, allows attackers to trigger a service failure.

The vulnerability of the Prosody server for Jabber/XMPP is related to incorrect processing of requests for re-establishing SSL/TLS connections. Exploiting this vulnerability can allow a remote attacker to cause service failures...

DEBIAN-CVE-2021-32918

An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service DoS attacks via memory exhaustion when running under Lua 5.2 or Lua 5.3...

Prosodical Thoughts Prosody 授权问题漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A security vulnerability exists in Prosody prior to version 0.11.9. A remote attacker could exploit the vulnerability to use the server's bandwidth indefinitely...

Prosodical Thoughts Prosody 信任管理问题漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A trust management issue vulnerability exists in Prosody prior to version 0.11.9. The vulnerability stems from the program not properly validating remote server certificates...

Prosodical Thoughts Prosody 竞争条件问题漏洞

Prosodical Thoughts Prosody is a Prosodical Thoughts open source application . A modern XMPP communication server. A security vulnerability exists in Prosody prior to version 0.11.9. A remote attacker could exploit the vulnerability to obtain sensitive information...

PT-2021-4054 · Prosody +2 · Prosody +2

Name of the Vulnerable Software and Affected Versions: Prosody versions prior to 0.11.9 Description: The issue is related to the proxy65 component of the Prosody server for Jabber/XMPP, which allows open access by default. This can be exploited by a remote attacker to cause a denial of service,...

The vulnerability of LDAP authentication modules (mod_auth_ldap and mod_auth_ldap2) in the Prosody Jabber/XMPP server allows attackers to access sensitive data, compromise its integrity, and cause service failures.

The vulnerability of the LDAP authentication modules modauthldap and modauthldap2 in the Prosody Jabber/XMPP server relates to the improper checking of the XMPP address during the determination of whether a user has administrative access. Exploiting this vulnerability can allow an attacker to gai...