| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-41914 | Non-constant-time SCIM token comparison in Zulip Server | zulip | zulip | Low | 3.7 | 2022-11-16 00:00:00 | Deep Dive |
| CVE-2022-36048 | IP address leak via image proxy bypass in Zulip Server | zulip | zulip | Medium | 4.3 | 2022-08-31 19:15:11 | Deep Dive |
| CVE-2022-35962 | Crafted link in Zulip message can cause disclosure of credentials | zulip | zulip-mobile | High | 8.0 | 2022-08-29 14:50:09 | Deep Dive |
| CVE-2016-4427 | Zulip 访问控制错误漏洞 | - | zulip | 高危 | - | 2022-07-28 16:32:08 | Deep Dive |
| CVE-2016-4426 | Zulip 安全漏洞 | - | zulip | 中危 | - | 2022-07-28 16:31:52 | Deep Dive |
| CVE-2022-31168 | Zulip Server insufficient authorization for changing bot roles | zulip | zulip | Medium | 5.4 | 2022-07-22 13:05:12 | Deep Dive |
| CVE-2022-31134 | Zulip Server public data export contains attachments that are non-public | zulip | zulip | Medium | 4.9 | 2022-07-12 20:35:10 | Deep Dive |
| CVE-2022-31017 | Expression Always True vulnerability in Zulip Server | zulip | zulip | Low | 2.0 | 2022-06-25 08:15:16 | Deep Dive |
| CVE-2022-24751 | Race condition in Zulip | zulip | zulip | Medium | 5.4 | 2022-03-16 13:30:15 | Deep Dive |
| CVE-2022-23656 | Cross-site scripting vulnerability in Zulip Server | zulip | zulip | Medium | 4.6 | 2022-03-02 20:25:10 | Deep Dive |
| CVE-2021-3967 | Improper Access Control in zulip/zulip | zulip | zulip/zulip | 高危 | - | 2022-02-26 23:00:10 | Deep Dive |
| CVE-2022-21706 | Multi-use invitations can grant access to other organizations in Zulip | zulip | zulip | High | 7.2 | 2022-02-25 23:25:10 | Deep Dive |
| CVE-2021-43799 | RabbitMQ exposes ports with weak default secrets in Zulip Server | zulip | zulip | High | 8.6 | 2022-01-25 20:55:11 | Deep Dive |
| CVE-2021-3866 | Cross-site Scripting (XSS) - Stored in zulip/zulip | zulip | zulip/zulip | 中危 | - | 2022-01-20 10:30:11 | Deep Dive |
| CVE-2021-43791 | Ineffective expiration validation for invitation links in Zulip | zulip | zulip | Medium | 6.5 | 2021-12-02 00:15:11 | Deep Dive |
| CVE-2021-41115 | Regular expression denial-of-service in Zulip | zulip | zulip | Medium | 4.3 | 2021-10-07 22:20:13 | Deep Dive |
| CVE-2019-10476 | CloudBees Jenkins Zulip Plugin 安全漏洞 | Jenkins project | Jenkins Zulip Plugin | 高危 | - | 2019-10-23 12:45:46 | Deep Dive |
| CVE-2017-0910 | Zulip Server invitation系统安全漏洞 | Zulip | Zulip Server | 高危 | - | 2017-11-27 16:00:00 | Deep Dive |
| CVE-2017-0896 | Zulip Server 安全漏洞 | Zulip | Zulip Server | 中危 | - | 2017-06-02 17:00:00 | Deep Dive |
| CVE-2017-0881 | Zulip group chat application server 安全漏洞 | - | Zulip Server Versions 1.4.2 and below | 中危 | - | 2017-03-28 02:46:00 | Deep Dive |