CVE-2011-2532
NONE EPSS 70.1%
Published Jun 22, 201115y ago · Modified Jun 16, 20262w ago
Published Jun 22, 2011 15y ago
Last Modified Jun 16, 2026 2w ago
Description
The json.decode function in util/json.lua in Prosody 0.8.x before 0.8.1 might allow remote attackers to cause a denial of service (infinite loop) via invalid JSON data, as demonstrated by truncated data.
Threat Intelligence
EPSS Exploit Probability
70.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-399
Affected Products 1
| Vendor | Product | Version | Range |
|---|---|---|---|
| prosody | prosody | 0.8.0 | any |
References 3
- blog.prosody.im http://blog.prosody.im/prosody-0-8-1-released/
- hg.prosody.im http://hg.prosody.im/0.8/rev/20979f124ad9
- prosody.im http://prosody.im/doc/release/0.8.1
Remediation
- blog.prosody.im http://blog.prosody.im/prosody-0-8-1-released/
- hg.prosody.im http://hg.prosody.im/0.8/rev/20979f124ad9
- prosody.im http://prosody.im/doc/release/0.8.1