This page lists publicly disclosed CVE vulnerabilities affecting isode m-link (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-47634 | M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867. | [email protected] | 8.1 | 0.18% | 2023-01-01 | 2025-04-10 |
| CVE-2014-2742 | Isode M-Link before 16.0v7 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service (resource consumption) via a crafted XMPP stream, aka an "xmppbomb" attack. | [email protected] | 7.8 | 0.69% | 2014-04-11 | 2026-05-06 |
| CVE-2012-4669 | M-Link R14.6 before R14.6v14 and R15.1 before R15.1v10 does not verify that a request was made for an XMPP Server Dialback response, which allows remote XMPP servers to spoof domains via responses for domains that were not asserted. | [email protected] | 5.8 | 0.26% | 2012-08-25 | 2026-04-29 |