Data Type Vulnerability in Prosody by Prosody IM
CVE-2011-2531

Currently unrated

Key Information:

Vendor: Prosody
Status: Prosody
Vendor: CVE Published:; 22 June 2011

What is CVE-2011-2531?

In Prosody versions prior to 0.8.1, when configured to use MySQL, an incorrect assignment of data types for the value column may occur. This vulnerability enables remote attackers to exploit the service by sending excessively large amounts of data, potentially resulting in denial of service due to data truncation. Updating to the latest version is crucial for safeguarding against these types of attacks.

References

http://blog.prosody.im/prosody-0-8-1-released/

x_refsource_CONFIRM

http://hg.prosody.im/0.8/rev/d2406f0ce8a5

x_refsource_CONFIRM

http://hg.prosody.im/0.8/rev/c806a599224a

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jun 22, 2011

CVE-2011-2531 Data

JSON