
CVE-2022-31168 – Zulip Server insufficient authorization for changing bot roles
https://notcve.org/view.php?id=CVE-2022-31168
22 Jul 2022 — Zulip is an open source team chat tool. Due to an incorrect authorization check in Zulip Server 5.4 and earlier, a member of an organization could craft an API call that grants organization administrator privileges to one of their bots. The vulnerability is fixed in Zulip Server 5.5. Members who don’t own any bots, and lack permission to create them, can’t exploit the vulnerability. As a workaround for the vulnerability, an organization administrator can restrict the `Who can create bots` permission to admi... • https://github.com/zulip/zulip/commit/751b2a03e565e9eb02ffe923b7c24ac73d604034 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization

CVE-2022-31017 – Expression Always True vulnerability in Zulip Server
https://notcve.org/view.php?id=CVE-2022-31017
25 Jun 2022 — Zulip is an open-source team collaboration tool. Versions 2.1.0 through and including 5.2 are vulnerable to a logic error. A stream configured as private with protected history, where new subscribers should not be allowed to see messages sent before they were subscribed, when edited causes the server to incorrectly send an API event that includes the edited message to all of the stream’s current subscribers. This API event is ignored by official clients, but can be observed by using a modified client or the... • https://github.com/zulip/zulip/security/advisories/GHSA-m5j3-jp59-6f3q • CWE-571: Expression is Always True CWE-670: Always-Incorrect Control Flow Implementation

CVE-2022-24751 – Race condition in Zulip
https://notcve.org/view.php?id=CVE-2022-24751
16 Mar 2022 — Zulip is an open source group chat application. Starting with version 4.0 and prior to version 4.11, Zulip is vulnerable to a race condition during account deactivation, where a simultaneous access by the user being deactivated may, in rare cases, allow continued access by the deactivated user. A patch is available in version 4.11 on the 4.x branch and version 5.0-rc1 on the 5.x branch. Upgrading to a fixed version will, as a side effect, deactivate any cached sessions that may have been leaked through this... • https://github.com/zulip/zulip/commit/62ba8e455d8f460001d9fb486a6dabfd1ed67717 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2021-3967 – Improper Access Control in zulip/zulip
https://notcve.org/view.php?id=CVE-2021-3967
26 Feb 2022 — Improper Access Control in GitHub repository zulip/zulip prior to 4.10. • https://github.com/zulip/zulip/commit/d5db254ca8167995a1654d1c45ffc74b2fade39a • CWE-284: Improper Access Control

CVE-2021-43799 – RabbitMQ exposes ports with weak default secrets in Zulip Server
https://notcve.org/view.php?id=CVE-2021-43799
25 Jan 2022 — Zulip is an open-source team collaboration tool. Zulip Server installs RabbitMQ for internal message passing. In versions of Zulip Server prior to 4.9, the initial installation (until first reboot, or restart of RabbitMQ) does not successfully limit the default ports which RabbitMQ opens; this includes port 25672, the RabbitMQ distribution port, which is used as a management port. RabbitMQ's default "cookie" which protects this port is generated using a weak PRNG, which limits the entropy of the password to... • https://github.com/scopion/CVE-2021-43799 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)

CVE-2021-3866 – Cross-site Scripting (XSS) - Stored in zulip/zulip
https://notcve.org/view.php?id=CVE-2021-3866
20 Jan 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository zulip/zulip more than and including 44f935695d452cc3fb16845a0c6af710438b153d and prior to 3eb2791c3e9695f7d37ffe84e0c2184fae665cb6. • https://blog.zulip.com/2022/01/19/cve-2021-3866 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2021-43791 – Ineffective expiration validation for invitation links in Zulip
https://notcve.org/view.php?id=CVE-2021-43791
02 Dec 2021 — Zulip is an open source group chat application that combines real-time chat with threaded conversations. In affected versions expiration dates on the confirmation objects associated with email invitations were not enforced properly in the new account registration flow. A confirmation link takes a user to the check_prereg_key_and_redirect endpoint, before getting redirected to POST to /accounts/register/. The problem was that validation was happening in the check_prereg_key_and_redirect part and not in /acco... • https://github.com/zulip/zulip/commit/a014ef75a3a0ed7f24ebb157632ba58751e732c6 • CWE-613: Insufficient Session Expiration

CVE-2021-41115 – Regular expression denial-of-service in Zulip
https://notcve.org/view.php?id=CVE-2021-41115
07 Oct 2021 — Zulip is an open source team chat server. In affected versions Zulip allows organization administrators on a server to configure "linkifiers" that automatically create links from messages that users send, detected via arbitrary regular expressions. Malicious organization administrators could subject the server to a denial-of-service via regular expression complexity attacks; most simply, by configuring a quadratic-time regular expression in a linkifier, and sending messages that exploited it. A regular expr... • https://github.com/zulip/zulip/commit/e2d303c1bb5f538d17dc3d9134bc8858bdece781 • CWE-400: Uncontrolled Resource Consumption CWE-1333: Inefficient Regular Expression Complexity