125 matches found
CVE-2013-4110
Cryptocat is affected by an information-disclosure vulnerability (CVE-2013-4110) that allows an attacker to obtain the list of chat participants. Public sources in the connected documents describe an unspecified chat participant user-list disclosure within Cryptocat’s implementation. No explicit ...
CVE-2013-4107
CVE-2013-4107 concerns Cryptocat prior to 2.0.22, where the vulnerability lies in cryptocat.js: the function handlePresence() enables a cross-site scripting (XSS) condition. The impact is client-side code execution under attacker-controlled input, reported consistently across multiple sources. Th...
CVE-2013-4107
Cryptocat before 2.0.22: cryptocat.js handlePresence has cross site scripting...
CVE-2013-4105
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure...
CVE-2013-2259
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview...
CVE-2013-2257
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness...
CVE-2013-2260
Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...
CVE-2013-2258
Cryptocat before 2.0.22 has Nickname User Impersonation...
Information disclosure
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure...
Design/Logic Flaw
Cryptocat before 2.0.22: Cryptocat.random Function Array Key has Entropy Weakness...
Information disclosure
Cryptocat before 2.0.22 has Nickname User Impersonation...
Design/Logic Flaw
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview...
Design/Logic Flaw
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness...
CVE-2013-2257
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness...
CVE-2013-2257
CVE-2013-2257 affects Cryptocat prior to version 2.0.42. The issue is described as a Group Chat ECC Private Key Generation Brute Force Weakness, indicating weakness in how ECC private keys for group chats are generated. The public descriptions in connected records consistently reference Cryptocat
CVE-2013-2258
Cryptocat before 2.0.22 has Nickname User Impersonation...
CVE-2013-2258
CVE-2013-2258 affects Cryptocat before 2.0.22, described consistently across multiple connected records as allowing Nickname User Impersonation . The available documents identify the affected product and the basic vulnerability class but do not provide detailed root cause, affected components, ex...
CVE-2013-2259
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview...
CVE-2013-2259
CVE-2013-2259 affects Cryptocat prior to 2.0.22. The connected records confirm an Arbitrary Code Execution vulnerability in the Cryptocat Firefox Conversation Overview context, with the same pre-2.0.22 version exposure cited across multiple sources (CNVD, Red Hat, NVD, CVE lists). The exact root ...
CVE-2013-4105
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure...