Unrated severityNVD Advisory· Published Jul 28, 2021· Updated Aug 4, 2024
CVE-2021-37601
CVE-2021-37601
Description
muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- Prosody/Prosodydescription
- osv-coords3 versionspkg:rpm/opensuse/prosody&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/prosody&distro=openSUSE%20Tumbleweedpkg:rpm/suse/prosody&distro=SUSE%20Package%20Hub%2015%20SP3
< 0.11.10-bp153.2.6.2+ 2 more
- (no CPE)range: < 0.11.10-bp153.2.6.2
- (no CPE)range: < 0.11.10-1.2
- (no CPE)range: < 0.11.10-bp153.2.6.2
Patches
Vulnerability mechanics
References
5- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7BZRRPCNOETB4MN4XSYPRBBKDIHO27DY/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EMKIOEP2CYWHVVUCNWISPE4AGH4IR7O2/mitrevendor-advisoryx_refsource_FEDORA
- www.openwall.com/lists/oss-security/2021/07/28/4mitremailing-listx_refsource_MLIST
- prosody.immitrex_refsource_MISC
- prosody.im/security/advisory_20210722/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.