AVG-1955 log

Package prosody
Status Fixed
Severity High
Type multiple issues
Affected 1:0.11.8-1
Fixed 1:0.11.9-1
Current 1:0.11.10-1 [community]
Ticket None
Created Thu May 13 14:59:33 2021
Issue Severity Remote Type Description
CVE-2021-32921 Medium Yes Information disclosure
A security issue was found in the Prosody.im XMPP server software before version 0.11.9. It was discovered that Prosody does not use a constant-time...
CVE-2021-32920 Medium Yes Denial of service
A security issue was found in the Prosody.im XMPP server software before version 0.11.9. It was discovered that Prosody does not disable SSL/TLS...
CVE-2021-32919 Medium Yes Authentication bypass
A security issue was found in the Prosody.im XMPP server software before version 0.11.9. The undocumented option ‘dialback_without_dialback’ enabled an...
CVE-2021-32918 High Yes Denial of service
A security issue was found in the Prosody.im XMPP server software before version 0.11.9. It was discovered that default settings leave Prosody susceptible...
CVE-2021-32917 Medium Yes Insufficient validation
A security issue was found in the Prosody.im XMPP server software before version 0.11.9. mod_proxy65 is a file transfer proxy provided with Prosody to...
Date Advisory Package Type
19 May 2021 ASA-202105-11 prosody multiple issues