3 matches found
CVE-2022-24751
Zulip is an open source group chat application. Starting with version 4.0 and prior to version 4.11, Zulip is vulnerable to a race condition during account deactivation, where a simultaneous access by the user being deactivated may, in rare cases, allow continued access by the deactivated user. A...
CVE-2022-24751 Race condition in Zulip
Zulip is an open source group chat application. Starting with version 4.0 and prior to version 4.11, Zulip is vulnerable to a race condition during account deactivation, where a simultaneous access by the user being deactivated may, in rare cases, allow continued access by the deactivated user. A...
CVE-2022-24751
CVE-2022-24751 describes a race condition in Zulip during account deactivation. From versions 4.0 up to, but not including, 4.11, a deactivated user could in rare cases retain access due to concurrent actions. The fixes are in Zulip 4.11 on the 4.x branch and 5.0-rc1 on the 5.x branch. Upgrading ...