Vulnerabilities > Rocket Chat
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-23 | CVE-2022-32219 | Information Exposure vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v4.7.5 which allowed the "users.list" REST endpoint gets a query parameter from JSON and runs Users.find(queryFromClientSide). | 4.3 |
| 2022-09-23 | CVE-2022-32220 | Missing Authorization vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v5 due to the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room. | 6.5 |
| 2022-09-23 | CVE-2022-32226 | Improper Input Validation vulnerability in Rocket.Chat An improper access control vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room. | 4.3 |
| 2022-09-23 | CVE-2022-32227 | Cleartext Transmission of Sensitive Information vulnerability in Rocket.Chat A cleartext transmission of sensitive information exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 relating to Oauth tokens by having the permission "view-full-other-user-info", this could cause an oauth token leak in the product. | 6.5 |
| 2022-09-23 | CVE-2022-32228 | Unspecified vulnerability in Rocket.Chat An information disclosure vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 since the getReadReceipts Meteor server method does not properly filter user inputs that are passed to MongoDB queries, allowing $regex queries to enumerate arbitrary Message IDs. | 4.3 |
| 2022-09-23 | CVE-2022-32229 | Unspecified vulnerability in Rocket.Chat A information disclosure vulnerability exists in Rockert.Chat <v5 due to /api/v1/chat.getThreadsList lack of sanitization of user inputs and can therefore leak private thread messages to unauthorized users via Mongo DB injection. | 4.3 |
| 2022-09-23 | CVE-2022-35246 | Unspecified vulnerability in Rocket.Chat A NoSQL-Injection information disclosure vulnerability vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 in the getS3FileUrl Meteor server method that can disclose arbitrary file upload URLs to users that should not be able to access. | 4.3 |
| 2022-09-23 | CVE-2022-35247 | Missing Authorization vulnerability in Rocket.Chat A information disclosure vulnerability exists in Rocket.chat <v5, <v4.8.2 and <v4.7.5 where the lack of ACL checks in the getRoomRoles Meteor method leak channel members with special roles to unauthorized clients. | 4.3 |
| 2022-09-23 | CVE-2022-35248 | Improper Authentication vulnerability in Rocket.Chat A improper authentication vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 that allowed two factor authentication can be bypassed when telling the server to use CAS during login. | 8.8 |
| 2022-09-23 | CVE-2022-35249 | Missing Authorization vulnerability in Rocket.Chat A information disclosure vulnerability exists in Rocket.Chat <v5 where the getUserMentionsByChannel meteor server method discloses messages from private channels and direct messages regardless of the users access permission to the room. | 4.3 |