Filtered by vendor Rocketchat
Subscriptions
Filtered by product Rocket.chat
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2017-1000054 | 1 Rocketchat | 1 Rocket.chat | 2024-11-21 | N/A |
Rocket.Chat version 0.8.0 and newer is vulnerable to XSS in the markdown link parsing code for messages. | ||||
CVE-2024-42027 | 1 Rocketchat | 1 Rocket.chat | 2024-10-07 | 6.7 Medium |
The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources. | ||||
CVE-2024-46936 | 1 Rocketchat | 1 Rocket.chat | 2024-09-26 | 7.5 High |
Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and before is vulnerable to a message forgery / impersonation issue. Attackers can abuse the UpdateOTRAck method to send ephemeral messages as if they were any other user they choose. |
Page 1 of 1.