Vulnerabilities > Process ONE > Ejabberd > 3.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-18 | CVE-2011-4320 | Resource Management Errors vulnerability in Process-One Ejabberd 2.1.8/3.0.0 The mod_pubsub module (mod_pubsub.erl) in ejabberd 2.1.8 and 3.0.0-alpha-3 allows remote authenticated users to cause a denial of service (infinite loop) via a stanza with a publish tag that lacks a node attribute. | 4.0 |
2011-06-21 | CVE-2011-1753 | Resource Management Errors vulnerability in Process-One Ejabberd and Exmpp expat_erl.c in ejabberd before 2.1.7 and 3.x before 3.0.0-alpha-3, and exmpp before 0.9.7, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, a similar issue to CVE-2003-1564. | 5.0 |