CVE-2022-24751
- EPSS 0.22%
- Veröffentlicht 16.03.2022 14:15:08
- Zuletzt bearbeitet 21.11.2024 06:51:00
Zulip is an open source group chat application. Starting with version 4.0 and prior to version 4.11, Zulip is vulnerable to a race condition during account deactivation, where a simultaneous access by the user being deactivated may, in rare cases, al...
CVE-2021-3967
- EPSS 0.31%
- Veröffentlicht 26.02.2022 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:23:15
Improper Access Control in GitHub repository zulip/zulip prior to 4.10.
CVE-2021-43799
- EPSS 5.27%
- Veröffentlicht 25.01.2022 21:15:07
- Zuletzt bearbeitet 21.11.2024 06:29:48
Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit ...
CVE-2021-3866
- EPSS 1%
- Veröffentlicht 20.01.2022 11:15:07
- Zuletzt bearbeitet 21.11.2024 06:22:41
Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6.
CVE-2021-43791
- EPSS 0.19%
- Veröffentlicht 02.12.2021 01:15:07
- Zuletzt bearbeitet 21.11.2024 06:29:47
Zulip is an open source group chat application that combines real-time chat with threaded conversations. In affected versions expiration dates on the confirmation objects associated with email invitations were not enforced properly in the new account...
CVE-2021-41115
- EPSS 1.05%
- Veröffentlicht 07.10.2021 23:15:08
- Zuletzt bearbeitet 21.11.2024 06:25:30
Zulip is an open source team chat server. In affected versions Zulip allows organization administrators on a server to configure "linkifiers" that automatically create links from messages that users send, detected via arbitrary regular expressions. M...