Vulnerabilities > Zulip

DATE CVE VULNERABILITY TITLE RISK
2022-07-28 CVE-2016-4426 Unspecified vulnerability in Zulip
In zulip before 1.3.12, bot API keys were accessible to other users in the same realm.
network
low complexity
zulip
4.3
2022-07-28 CVE-2016-4427 Unspecified vulnerability in Zulip
In zulip before 1.3.12, deactivated users could access messages if SSO was enabled.
network
low complexity
zulip
7.5
2022-07-22 CVE-2022-31168 Incorrect Authorization vulnerability in Zulip
Zulip is an open source team chat tool.
network
low complexity
zulip CWE-863
8.8
2022-07-12 CVE-2022-31134 Unrestricted Upload of File with Dangerous Type vulnerability in Zulip Server
Zulip is an open-source team collaboration tool.
network
low complexity
zulip CWE-434
4.9
2022-06-25 CVE-2022-31017 Always-Incorrect Control Flow Implementation vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
high complexity
zulip CWE-670
2.6
2022-03-16 CVE-2022-24751 Race Condition vulnerability in Zulip
Zulip is an open source group chat application.
network
high complexity
zulip CWE-362
7.4
2022-03-02 CVE-2022-23656 Cross-site Scripting vulnerability in Zulip Server 20210603
Zulip is an open source team chat app.
network
low complexity
zulip CWE-79
5.4
2022-02-26 CVE-2021-3967 Unspecified vulnerability in Zulip
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
network
low complexity
zulip
8.8
2022-02-26 CVE-2022-21706 Unspecified vulnerability in Zulip Server
Zulip is an open-source team collaboration tool with topic-based threading.
network
low complexity
zulip
critical
9.8
2022-01-25 CVE-2021-43799 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
low complexity
zulip CWE-338
critical
9.8