Unrated severityNVD Advisory· Published Oct 25, 2014· Updated Jun 17, 2026
CVE-2014-8760
CVE-2014-8760
Description
ejabberd before 2.1.13 does not enforce the starttls_required setting when compression is used, which causes clients to establish connections without encryption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
8- www.mandriva.com/security/advisoriesnvdPatch
- github.com/processone/ejabberd/commit/7bdc1151bnvdPatch
- advisories.mageia.org/MGASA-2014-0417.htmlnvdVendor Advisory
- mail.jabber.org/pipermail/operators/2014-October/002438.htmlnvd
- seclists.org/oss-sec/2014/q4/312nvd
- www.mandriva.com/security/advisoriesnvd
- www.securityfocus.com/bid/70415nvd
- bugzilla.redhat.com/show_bug.cginvd
News mentions
0No linked articles in our index yet.