CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-32832 – ReDOS in Rocket.Chat
https://notcve.org/view.php?id=CVE-2021-32832
Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13. Rocket.Chat es una plataforma de comunicaciones de código abierto totalmente personalizable y desarrollada en JavaScript. En Rocket.Chat versiones anteriores a 3.11.3, 3.12.2 y 3.13, un problema con determinadas expresiones regulares podía conllevar potencialmente a una denegación de servicio. • https://docs.rocket.chat/guides/security/security-updates https://github.com/RocketChat/Rocket.Chat/commit/4a0dce973e37ec3f56ca2231d6030511dbdd094c https://github.com/RocketChat/Rocket.Chat/releases/tag/3.11.3 https://securitylab.github.com/advisories/GHSL-2020-310-redos-Rocket.Chat • CWE-400: Uncontrolled Resource Consumption •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 1CVE-2021-22910
https://notcve.org/view.php?id=CVE-2021-22910
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE. Se presenta una vulnerabilidad de saneo en Rocket.Chat server versiones anteriores a 3.13.2, anteriores a 3.12.4, anteriores a 3.11.4, que permitía realizar consultas a un endpoint que podía dar lugar a una inyección NoSQL, conllevando potencialmente a un RCE • https://blog.sonarsource.com/nosql-injections-in-rocket-chat https://hackerone.com/reports/1130874 • CWE-75: Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2021-22892
https://notcve.org/view.php?id=CVE-2021-22892
An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks. Se presenta una vulnerabilidad de divulgación de información en el servidor Rocket.Chat corregido en versiones v3.13, v3.12.2 y v3.11.3, que permitía que las direcciones de correo electrónico sean divulgadas mediante comprobaciones de enumeración y validación • https://hackerone.com/reports/1089116 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-203: Observable Discrepancy •
CVSS: 6.1EPSS: 0%CPEs: 11EXPL: 0CVE-2021-22886
https://notcve.org/view.php?id=CVE-2021-22886
Rocket.Chat before 3.11, 3.10.5, 3.9.7, 3.8.8 is vulnerable to persistent cross-site scripting (XSS) using nested markdown tags allowing a remote attacker to inject arbitrary JavaScript in a message. This flaw leads to arbitrary file read and RCE on Rocket.Chat desktop app. Rocket.Chat versiones anteriores a 3.11, 3.10.5, 3.9.7, 3.8.8, es vulnerable a ataques de tipo cross-site scripting (XSS) persistente que usan etiquetas markdown anidadas que permiten a un atacante remoto inyectar JavaScript arbitrario en un mensaje. Este fallo conlleva a una lectura de archivos arbitraria y una RCE en la aplicación de escritorio Rocket.Chat. • https://docs.rocket.chat/guides/security/security-updates https://github.com/RocketChat/Rocket.Chat/pull/20430 https://hackerone.com/reports/1014459 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-8292
https://notcve.org/view.php?id=CVE-2020-8292
Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes. Un servidor Rocket.Chat versiones anteriores a 3.9.0, es susceptible a una vulnerabilidad de tipo cross-site scripting (XSS) propio por medio de la funcionalidad drag & drop en los cuadros de mensaje • https://docs.rocket.chat/guides/security/security-updates https://hackerone.com/reports/962902 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •