Описание
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:prosody:prosody:0.8.0:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00535
Низкий
5 Medium
CVSS2
Дефекты
CWE-399
Связанные уязвимости
ubuntu
больше 14 лет назад
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data.
debian
больше 14 лет назад
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8. ...
github
больше 3 лет назад
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data.
EPSS
Процентиль: 67%
0.00535
Низкий
5 Medium
CVSS2
Дефекты
CWE-399