Cryptocat_project Cryptocat

17 CVEs affecting Cryptocat_project Cryptocat. Latest disclosed: 2019-11-14. Critical: 5, High: 6.

Top CVEs affecting Cryptocat_project Cryptocat
CVESeverityScorePublishedSummary
CVE-2013-4108Critical9.82019-11-14Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.
CVE-2013-2260Critical9.82019-11-04Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
CVE-2013-2259Critical9.82019-11-04Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
CVE-2013-4103Critical9.82019-11-04Cryptocat before 2.0.22 has Remote Script Injection due to improperly sanitizing user input
CVE-2013-4102Critical9.12019-11-04Cryptocat before 2.0.22 strophe.js Math.random() Random Number Generator Weakness
CVE-2013-4105High7.52019-11-04Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
CVE-2013-2257High7.52019-11-04Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
CVE-2013-4104High7.52019-11-04Cryptocat before 2.0.22 has weak encryption in the Socialist Millionnaire Protocol
CVE-2013-2262High7.52019-11-04Cryptocat strophe.js before 2.0.22 has information disclosure
CVE-2013-2261High7.52019-11-04Cryptocat before 2.0.22 Chrome Extension 'img/keygen.gif' has Information Disclosure
CVE-2013-4100High7.52019-11-04Cryptocat before 2.0.22 has Remote Denial of Service via username
CVE-2013-4106Medium6.12019-11-14A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
CVE-2013-4109Medium6.12019-11-14An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
CVE-2013-4107Medium6.12019-11-05Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
CVE-2013-4110Medium5.32019-11-05Cryptocat has an Unspecified Chat Participant User List Disclosure
CVE-2013-2258Medium5.32019-11-04Cryptocat before 2.0.22 has Nickname User Impersonation
CVE-2013-4101Medium5.32019-11-04Cryptocat before 2.0.22 Link Markup Decorator HTML Handling Weakness