VIR Vulnerability Intelligence Relay

CVE-2014-2829

high
Published 2014-04-11 · Modified 2025-12-10
CVSS v3
CVSS v2
7.8
VIR risk
7.8

Description

Erlang Solutions MongooseIM vulnerable to denial of service (DoS) via crafted XMPP stream

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: cve@mitre.org — https://github.com/esl/MongooseIM/commit/586d96cc12ef218243a3466354b4d208b5472a6c

Package impact
EcosystemPackageVulnerableFixed
HexMongooseIM<1.3.21.3.2

Application impact
VendorProductVersionsFixed
erlang-solutionsmongooseim{"endIncluding":"1.3.1"}
erlang-solutionsmongooseim1.2.1
erlang-solutionsmongooseim1.2.2
erlang-solutionsmongooseim1.3.0
erlang-solutionsmongooseim1.3.1

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.