High severityNVD Advisory· Published Apr 11, 2014· Updated Jun 17, 2026
CVE-2014-2829
CVE-2014-2829
Description
Erlang Solutions MongooseIM through 1.3.1 rev. 2 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
MongooseIMHex | < 1.3.2 | 1.3.2 |
Affected products
6cpe:2.3:a:erlang-solutions:mongooseim:1.2.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:erlang-solutions:mongooseim:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:erlang-solutions:mongooseim:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:erlang-solutions:mongooseim:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:erlang-solutions:mongooseim:1.3.1:-:*:*:*:*:*:*
- cpe:2.3:a:erlang-solutions:mongooseim:*:rev2:*:*:*:*:*:*range: <=1.3.1
Patches
Vulnerability mechanics
References
5- github.com/esl/MongooseIM/commit/586d96cc12ef218243a3466354b4d208b5472a6cnvdExploitPatchWEB
- github.com/advisories/GHSA-5v5w-44w6-q5hvghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2014-2829ghsaADVISORY
- xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzasghsaWEB
- xmpp.org/resources/security-notices/uncontrolled-resource-consumption-with-highly-compressed-xmpp-stanzas/nvd
News mentions
0No linked articles in our index yet.