Jabberd2
By the Year
In 2024 there have been 0 vulnerabilities in Jabberd2 . Jabberd2 did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Jabberd2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Jabberd2 Security Vulnerabilities
s2s/out.c in jabberd2 2.2.16 and earlier does not verify
CVE-2012-3525
- August 25, 2012
s2s/out.c in jabberd2 2.2.16 and earlier does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response.
Improper Input Validation
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which
CVE-2011-1755
7.5 - High
- June 21, 2011
jabberd2 before 2.2.14 does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564.
XEE
