Unrated severityNVD Advisory· Published May 13, 2021· Updated Aug 3, 2024
CVE-2021-32917
CVE-2021-32917
Description
An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an XMPP account on the local server, allowing unrestricted use of the server's bandwidth.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Prosody/Prosodydescription
- osv-coords3 versionspkg:rpm/opensuse/prosody&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/prosody&distro=openSUSE%20Tumbleweedpkg:rpm/suse/prosody&distro=SUSE%20Package%20Hub%2015%20SP2
< 0.11.9-lp152.2.3.1+ 2 more
- (no CPE)range: < 0.11.9-lp152.2.3.1
- (no CPE)range: < 0.11.10-1.2
- (no CPE)range: < 0.11.9-bp152.2.3.1
Patches
Vulnerability mechanics
References
9- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6MFFBZWXKPZEVZNQSVJNCUE7WRF3T7DG/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GUN63AHEWB2WRROJHU3BVJRWLONCT2B7/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWJ2DG2DFJOEFEWOUN26IMYYWGSA2ZEE/mitrevendor-advisoryx_refsource_FEDORA
- www.debian.org/security/2021/dsa-4916mitrevendor-advisoryx_refsource_DEBIAN
- www.openwall.com/lists/oss-security/2021/05/13/1mitremailing-listx_refsource_MLIST
- www.openwall.com/lists/oss-security/2021/05/14/2mitremailing-listx_refsource_MLIST
- blog.prosody.im/prosody-0.11.9-released/mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2021/06/msg00016.htmlmitremailing-listx_refsource_MLIST
- security.gentoo.org/glsa/202105-15mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.