Vulnerabilities > Zulip

DATE CVE VULNERABILITY TITLE RISK
2022-06-25 CVE-2022-31017 Always-Incorrect Control Flow Implementation vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
high complexity
zulip CWE-670
2.1
2022-03-16 CVE-2022-24751 Race Condition vulnerability in Zulip
Zulip is an open source group chat application.
network
zulip CWE-362
5.8
2022-03-02 CVE-2022-23656 Cross-site Scripting vulnerability in Zulip Server
Zulip is an open source team chat app.
network
zulip CWE-79
3.5
2022-02-26 CVE-2021-3967 Unspecified vulnerability in Zulip
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
network
low complexity
zulip
6.5
2022-02-26 CVE-2022-21706 Unspecified vulnerability in Zulip Server
Zulip is an open-source team collaboration tool with topic-based threading.
network
low complexity
zulip
critical
9.8
2022-01-25 CVE-2021-43799 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Zulip
Zulip is an open-source team collaboration tool.
network
low complexity
zulip CWE-338
5.0
2022-01-20 CVE-2021-3866 Cross-site Scripting vulnerability in Zulip
Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6.
network
zulip CWE-79
3.5
2021-12-02 CVE-2021-43791 Insufficient Session Expiration vulnerability in Zulip
Zulip is an open source group chat application that combines real-time chat with threaded conversations.
network
low complexity
zulip CWE-613
5.0
2021-10-07 CVE-2021-41115 Unspecified vulnerability in Zulip
Zulip is an open source team chat server.
network
low complexity
zulip
6.5
2021-04-15 CVE-2021-30487 Unspecified vulnerability in Zulip Server 3.0/3.1
In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.
network
low complexity
zulip
4.0