Vulnerabilities (CVE)

Filtered by vendor Zulip Subscribe
Filtered by product Zulip Desktop
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-10857 1 Zulip 1 Zulip Desktop 2024-02-04 7.5 HIGH 9.8 CRITICAL
Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution.
CVE-2020-10858 1 Zulip 1 Zulip Desktop 2024-02-04 5.0 MEDIUM 5.3 MEDIUM
Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler.