Zoom (for Android, iOS, Linux, macOS, And Windows) Clients Before Version 5.13.5
by Zoom Video Communications, Inc.
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-28597 | 0.00 | — | 0.01 | Mar 27, 2023 | Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could… | |||
| CVE-2023-22882 | 0.00 | — | 0.01 | Mar 16, 2023 | Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. | |||
| CVE-2023-22881 | 0.00 | — | 0.01 | Mar 16, 2023 | Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service. | |||
| CVE-2022-28764 | 0.00 | — | 0.00 | Nov 14, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure… | |||
| CVE-2022-28763 | 0.00 | — | 0.01 | Oct 31, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading… | |||
| CVE-2022-28755 | 0.00 | — | 0.01 | Aug 11, 2022 | The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading… |
- CVE-2023-28597Mar 27, 2023risk 0.00cvss —epss 0.01
Zoom clients prior to 5.13.5 contain an improper trust boundary implementation vulnerability. If a victim saves a local recording to an SMB location and later opens it using a link from Zoom’s web portal, an attacker positioned on an adjacent network to the victim client could…
- CVE-2023-22882Mar 16, 2023risk 0.00cvss —epss 0.01
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.
- CVE-2023-22881Mar 16, 2023risk 0.00cvss —epss 0.01
Zoom clients before version 5.13.5 contain a STUN parsing vulnerability. A malicious actor could send specially crafted UDP traffic to a victim Zoom client to remotely cause the client to crash, causing a denial of service.
- CVE-2022-28764Nov 14, 2022risk 0.00cvss —epss 0.00
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.6 is susceptible to a local information exposure vulnerability. A failure to clear data from a local SQL database after a meeting ends and the usage of an insufficiently secure…
- CVE-2022-28763Oct 31, 2022risk 0.00cvss —epss 0.01
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading…
- CVE-2022-28755Aug 11, 2022risk 0.00cvss —epss 0.01
The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.11.0 are susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading…