Vulnerabilities > Tigase

DATE	CVE	VULNERABILITY TITLE	RISK
2014-04-11	CVE-2014-2746	Permissions, Privileges, and Access Controls vulnerability in Tigase 5.2.0 net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. network low complexity tigase CWE-264	7.8
2012-08-25	CVE-2012-4670	Improper Input Validation vulnerability in Tigase Xmpp Server Tigase XMPP Server before 5.1.0 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via a (1) Verify Response or (2) Authorization Response. network low complexity tigase CWE-20	6.4

Vulnerabilities > Tigase {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Tigase"}]}