2.2.2

DATE	CVE	VULNERABILITY TITLE	RISK
2022-06-02	CVE-2022-29233	Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton CWE-285	5.0
2022-06-02	CVE-2022-29234	Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton CWE-285	4.3
2022-06-02	CVE-2022-29235	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	5.3
2022-06-02	CVE-2022-29236	Improper Authorization vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton CWE-285	4.3
2022-06-01	CVE-2022-29169	Unspecified vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton	7.5
2022-06-01	CVE-2022-29232	Information Exposure vulnerability in Bigbluebutton BigBlueButton is an open source web conferencing system. network low complexity bigbluebutton CWE-200	4.0
2022-01-19	CVE-2021-4143	Cross-site Scripting vulnerability in Bigbluebutton Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutton/bigbluebutton prior to 2.4.0. network bigbluebutton CWE-79	4.3
2020-11-26	CVE-2020-29043	Missing Authorization vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. network low complexity bigbluebutton CWE-862	5.0
2020-11-26	CVE-2020-29042	Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. network bigbluebutton CWE-307	4.3
2020-11-19	CVE-2020-28954	Improper Encoding or Escaping of Output vulnerability in Bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. network low complexity bigbluebutton CWE-116	5.0