AVG-2237 log

Package prosody
Status Fixed
Severity Medium
Type information disclosure
Affected 1:0.11.9-2
Fixed 1:0.11.10-1
Current 1:0.12.4-1 [extra]
Ticket FS#71641
Created Wed Jul 28 18:40:37 2021
Issue Severity Remote Type Description
CVE-2021-37601 Medium Yes Information disclosure
It was discovered that Prosody 0.11.0 up to 0.11.9 exposes the list of entities (Jabber/XMPP addresses) affiliated (part of) a Multi-User chat to any user,...
Date Advisory Package Type
10 Aug 2021 ASA-202108-11 prosody information disclosure