Filtered by vendor Rocket.chat
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22910 | 1 Rocket.chat | 1 Rocket.chat | 2021-08-17 | 7.5 HIGH | 9.8 CRITICAL |
| A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE. | |||||
| CVE-2021-22911 | 1 Rocket.chat | 1 Rocket.chat | 2021-07-30 | 7.5 HIGH | 9.8 CRITICAL |
| A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injection, resulting potentially in RCE. | |||||
| CVE-2020-29594 | 1 Rocket.chat | 1 Rocket.chat | 2021-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| Rocket.Chat before 0.74.4, 1.x before 1.3.4, 2.x before 2.4.13, 3.x before 3.7.3, 3.8.x before 3.8.3, and 3.9.x before 3.9.1 mishandles SAML login. | |||||
| CVE-2017-1000493 | 1 Rocket.chat | 1 Rocket.chat | 2019-05-01 | 7.5 HIGH | 9.8 CRITICAL |
| Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover | |||||