Cryptocat_project Cryptocat
17 CVEs affecting Cryptocat_project Cryptocat. Latest disclosed: 2019-11-14. Critical: 5, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2013-4108 | Critical | 9.8 | 2019-11-14 | Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors. |
CVE-2013-2260 | Critical | 9.8 | 2019-11-04 | Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness |
CVE-2013-2259 | Critical | 9.8 | 2019-11-04 | Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview |
CVE-2013-4103 | Critical | 9.8 | 2019-11-04 | Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input |
CVE-2013-4102 | Critical | 9.1 | 2019-11-04 | Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness |
CVE-2013-4105 | High | 7.5 | 2019-11-04 | Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure |
CVE-2013-2257 | High | 7.5 | 2019-11-04 | Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness |
CVE-2013-4104 | High | 7.5 | 2019-11-04 | Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol |
CVE-2013-2262 | High | 7.5 | 2019-11-04 | Cryptocat strophe.js before 2.0.22 has information disclosure |
CVE-2013-2261 | High | 7.5 | 2019-11-04 | Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure |
CVE-2013-4100 | High | 7.5 | 2019-11-04 | Cryptocat before 2.0.22 has Remote Denial of Service via username |
CVE-2013-4106 | Medium | 6.1 | 2019-11-14 | A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22. |
CVE-2013-4109 | Medium | 6.1 | 2019-11-14 | An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165. |
CVE-2013-4107 | Medium | 6.1 | 2019-11-05 | Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting |
CVE-2013-4110 | Medium | 5.3 | 2019-11-05 | Cryptocat has an Unspecified Chat Participant User List Disclosure |
CVE-2013-2258 | Medium | 5.3 | 2019-11-04 | Cryptocat before 2.0.22 has Nickname User Impersonation |
CVE-2013-4101 | Medium | 5.3 | 2019-11-04 | Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness |