Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP2 package prosody, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-32918 — CVSS 7.5 (high): An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS)…
CVE-2021-32919 — CVSS 7.5 (high): An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental…
CVE-2021-32920 — CVSS 7.5 (high): Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests.
CVE-2021-32917 — CVSS 5.3 (medium): An issue was discovered in Prosody before 0.11.9. The proxy65 component allows open access by default, even if neither of the users has an…