| Bug | Description |
|---|
| TEMP-0579087-7F12A8 | prosody password world-readable |
| CVE-2022-0217 | It was discovered that an internal Prosody library to load XML based o ... |
| CVE-2021-37601 | muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers t ... |
| CVE-2021-32921 | An issue was discovered in Prosody before 0.11.9. It does not use a co ... |
| CVE-2021-32920 | Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood ... |
| CVE-2021-32919 | An issue was discovered in Prosody before 0.11.9. The undocumented dia ... |
| CVE-2021-32918 | An issue was discovered in Prosody before 0.11.9. Default settings are ... |
| CVE-2021-32917 | An issue was discovered in Prosody before 0.11.9. The proxy65 componen ... |
| CVE-2018-10847 | prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authenticat ... |
| CVE-2017-18265 | Prosody before 0.10.0 allows remote attackers to cause a denial of ser ... |
| CVE-2016-1232 | The mod_dialback module in Prosody before 0.9.9 does not properly gene ... |
| CVE-2016-1231 | Directory traversal vulnerability in the HTTP file-serving module (mod ... |
| CVE-2016-0756 | The generate_dialback function in the mod_dialback module in Prosody b ... |
| CVE-2014-2745 | Prosody before 0.9.4 does not properly restrict the processing of comp ... |
| CVE-2014-2744 | plugins/mod_compression.lua in (1) Prosody before 0.9.4 and (2) Lightw ... |
| CVE-2011-2532 | The json.decode function in util/json.lua in Prosody 0.8.x before 0.8. ... |
| CVE-2011-2531 | Prosody 0.8.x before 0.8.1, when MySQL is used, assigns an incorrect d ... |
| CVE-2011-2205 | Prosody before 0.8.1 does not properly detect recursion during entity ... |