Vulnerabilities > Zulip

DATE CVE VULNERABILITY TITLE RISK
2022-03-16 CVE-2022-24751 Race Condition vulnerability in Zulip
Zulip is an open source group chat application.
network
zulip CWE-362
5.8
2022-03-02 CVE-2022-23656 Cross-site Scripting vulnerability in Zulip Server
Zulip is an open source team chat app.
network
zulip CWE-79
3.5
2022-02-26 CVE-2021-3967 Improper Authentication vulnerability in Zulip
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
network
low complexity
zulip CWE-287
6.5
2022-02-26 CVE-2022-21706 Incorrect Authorization vulnerability in Zulip Server
Zulip is an open-source team collaboration tool with topic-based threading.
network
low complexity
zulip CWE-863
7.5
2022-01-25 CVE-2021-43799 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
low complexity
zulip CWE-338
5.0
2022-01-20 CVE-2021-3866 Cross-site Scripting vulnerability in Zulip
Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6.
network
zulip CWE-79
3.5
2021-12-02 CVE-2021-43791 Insufficient Session Expiration vulnerability in Zulip
Zulip is an open source group chat application that combines real-time chat with threaded conversations.
network
low complexity
zulip CWE-613
5.0
2021-10-07 CVE-2021-41115 Unspecified vulnerability in Zulip
Zulip is an open source team chat server.
network
low complexity
zulip
4.0
2021-02-05 CVE-2020-10858 Incorrect Permission Assignment for Critical Resource vulnerability in Zulip Desktop
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler.
network
low complexity
zulip CWE-732
5.0
2021-02-05 CVE-2020-10857 Unspecified vulnerability in Zulip Desktop
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
network
low complexity
zulip
7.5