Search criteria
51 vulnerabilities found for cryptocat by cryptocat_project
FKIE_CVE-2013-4108
Vulnerability from fkie_nvd - Published: 2019-11-14 20:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | 2.0.18 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:2.0.18:*:*:*:*:*:*:*",
"matchCriteriaId": "F08D9058-2A07-4392-9C9C-6323A758AD7C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Cryptocat Project Cryptocat versi\u00f3n 2.0.18, tiene vectores de ataque y un impacto desconocido."
}
],
"id": "CVE-2013-4108",
"lastModified": "2024-11-21T01:54:53.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-14T20:15:11.023",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4106
Vulnerability from fkie_nvd - Published: 2019-11-14 20:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| secalert@redhat.com | https://vuldb.com/pl/?id.9433 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61099 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/pl/?id.9433 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61099 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22."
},
{
"lang": "es",
"value": "tiene una vulnerabilidad de tipo Cross-site scripting (XSS) en Conversation Overview Nickname en Cryptocat versiones anteriores a la versi\u00f3n 2.0.22."
}
],
"id": "CVE-2013-4106",
"lastModified": "2024-11-21T01:54:53.663",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-14T20:15:10.960",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/pl/?id.9433"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61099"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/pl/?id.9433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61099"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4109
Vulnerability from fkie_nvd - Published: 2019-11-14 19:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| secalert@redhat.com | https://vuldb.com/es/?id.9445 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61097 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/es/?id.9445 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61097 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | 1.1.165 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:1.1.165:*:*:*:*:*:*:*",
"matchCriteriaId": "840A346F-F7CC-438B-AE80-896CECB11C4B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165."
},
{
"lang": "es",
"value": "tiene una vulnerabilidad de cross-site scripting (XSS) no especificada en Cryptocat Message Handling versi\u00f3n 1.1.165."
}
],
"id": "CVE-2013-4109",
"lastModified": "2024-11-21T01:54:54.020",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-14T19:15:11.707",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/es/?id.9445"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61097"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/es/?id.9445"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61097"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4110
Vulnerability from fkie_nvd - Published: 2019-11-05 13:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
Cryptocat has an Unspecified Chat Participant User List Disclosure
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Product | |
| secalert@redhat.com | https://vuldb.com/?id.9446 | Permissions Required | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61117 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.9446 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61117 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:-:*:*:*:*:*:*:*",
"matchCriteriaId": "984804DB-BBAC-4A5A-B64E-BDF836AA625B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat has an Unspecified Chat Participant User List Disclosure"
},
{
"lang": "es",
"value": "Cryptocat tiene una Divulgaci\u00f3n de Lista de Usuarios Participantes del Chat No Especificada"
}
],
"id": "CVE-2013-4110",
"lastModified": "2024-11-21T01:54:54.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-05T13:15:10.337",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.9446"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.9446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61117"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4107
Vulnerability from fkie_nvd - Published: 2019-11-05 13:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Product | |
| secalert@redhat.com | https://vuldb.com/?id.9442 | Permissions Required | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61096 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.9442 | Permissions Required | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61096 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a la versi\u00f3n 2.0.22: la funci\u00f3n handlePresence() del archivo cryptocat.js tiene una vulnerabilidad de tipo cross site scripting."
}
],
"id": "CVE-2013-4107",
"lastModified": "2024-11-21T01:54:53.797",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-05T13:15:10.227",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.9442"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61096"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "https://vuldb.com/?id.9442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61096"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4105
Vulnerability from fkie_nvd - Published: 2019-11-04 17:15 - Updated: 2024-11-21 01:54
Severity ?
Summary
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Product | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61110 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61110 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a 2.0.22, presenta Divulgaci\u00f3n de Informaci\u00f3n del Esquema de Cifrado Multiparte"
}
],
"id": "CVE-2013-4105",
"lastModified": "2024-11-21T01:54:53.553",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T17:15:11.057",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61110"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61110"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2258
Vulnerability from fkie_nvd - Published: 2019-11-04 17:15 - Updated: 2024-11-21 01:51
Severity ?
Summary
Cryptocat before 2.0.22 has Nickname User Impersonation
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61088 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61088 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Nickname User Impersonation"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a 2.0.22, presenta una Suplantaci\u00f3n de Usuario de Nickname."
}
],
"id": "CVE-2013-2258",
"lastModified": "2024-11-21T01:51:20.713",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T17:15:10.680",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61088"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2259
Vulnerability from fkie_nvd - Published: 2019-11-04 17:15 - Updated: 2024-11-21 01:51
Severity ?
Summary
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Product | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61089 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61089 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a 2.0.22, presenta Ejecuci\u00f3n de C\u00f3digo Arbitraria en la Descripci\u00f3n General de la Conversaci\u00f3n de Firefox"
}
],
"id": "CVE-2013-2259",
"lastModified": "2024-11-21T01:51:20.827",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T17:15:10.757",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61089"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2260
Vulnerability from fkie_nvd - Published: 2019-11-04 17:15 - Updated: 2024-11-21 01:51
Severity ?
Summary
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| secalert@redhat.com | https://vuldb.com/?id.9435 | Permissions Required, Third Party Advisory | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61091/info | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://vuldb.com/?id.9435 | Permissions Required, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61091/info | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "47AEBCCD-4B89-408A-99CF-34AC241D5B96",
"versionEndExcluding": "2.0.22",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a 2.0.22: La Clave de Matriz de la Funci\u00f3n Cryptocat.random() presenta una Debilidad de Entrop\u00eda"
}
],
"id": "CVE-2013-2260",
"lastModified": "2024-11-21T01:51:20.950",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T17:15:10.820",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.9435"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61091/info"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "https://vuldb.com/?id.9435"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61091/info"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-331"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-2257
Vulnerability from fkie_nvd - Published: 2019-11-04 17:15 - Updated: 2024-11-21 01:51
Severity ?
Summary
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
References
| URL | Tags | ||
|---|---|---|---|
| secalert@redhat.com | https://tobtu.com/decryptocat.php | Product | |
| secalert@redhat.com | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| secalert@redhat.com | https://www.securityfocus.com/bid/61087 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://tobtu.com/decryptocat.php | Product | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.openwall.com/lists/oss-security/2013/07/10/15 | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.securityfocus.com/bid/61087 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cryptocat_project | cryptocat | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cryptocat_project:cryptocat:*:*:*:*:*:*:*:*",
"matchCriteriaId": "94F18289-51F5-4CC0-97D9-8167F19BFBEE",
"versionEndExcluding": "2.0.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness"
},
{
"lang": "es",
"value": "Cryptocat versiones anteriores a 2.0.42, presenta una Debilidad de Fuerza Bruta en la Generaci\u00f3n de Clave Privada ECC del Grupo de Chat."
}
],
"id": "CVE-2013-2257",
"lastModified": "2024-11-21T01:51:20.600",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-04T17:15:10.587",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Product"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.securityfocus.com/bid/61087"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-307"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-4106 (GCVE-0-2013-4106)
Vulnerability from cvelistv5 – Published: 2019-11-14 19:56 – Updated: 2024-08-06 16:30
VLAI?
Summary
A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
Severity ?
No CVSS data available.
CWE
- Overview Nickname XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/pl/?id.9433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"datePublic": "2012-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Overview Nickname XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:56:24",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/pl/?id.9433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Overview Nickname XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61099",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61099"
},
{
"name": "https://vuldb.com/pl/?id.9433",
"refsource": "MISC",
"url": "https://vuldb.com/pl/?id.9433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4106",
"datePublished": "2019-11-14T19:56:24",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4108 (GCVE-0-2013-4108)
Vulnerability from cvelistv5 – Published: 2019-11-14 19:14 – Updated: 2024-08-06 16:30
VLAI?
Summary
Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- Unspecified Minor Issues
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "2.0.18"
}
]
}
],
"datePublic": "2012-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unspecified Minor Issues",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:14:44",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "2.0.18"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unspecified Minor Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4108",
"datePublished": "2019-11-14T19:14:44",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4109 (GCVE-0-2013-4109)
Vulnerability from cvelistv5 – Published: 2019-11-14 19:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
Severity ?
No CVSS data available.
CWE
- Handling Unspecified XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cryptocat | Message Handling |
Affected:
1.1.165
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/es/?id.9445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Message Handling",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "1.1.165"
}
]
}
],
"datePublic": "2012-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Handling Unspecified XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:00:37",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/es/?id.9445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Message Handling",
"version": {
"version_data": [
{
"version_value": "1.1.165"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Handling Unspecified XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61097",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61097"
},
{
"name": "https://vuldb.com/es/?id.9445",
"refsource": "MISC",
"url": "https://vuldb.com/es/?id.9445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4109",
"datePublished": "2019-11-14T19:00:37",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4110 (GCVE-0-2013-4110)
Vulnerability from cvelistv5 – Published: 2019-11-05 12:51 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat has an Unspecified Chat Participant User List Disclosure
Severity ?
No CVSS data available.
CWE
- User List Disclosure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "Fixed in 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat has an Unspecified Chat Participant User List Disclosure"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User List Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T12:51:50",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "Fixed in 2.0"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat has an Unspecified Chat Participant User List Disclosure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User List Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61117",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61117"
},
{
"name": "https://vuldb.com/?id.9446",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4110",
"datePublished": "2019-11-05T12:51:50",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4107 (GCVE-0-2013-4107)
Vulnerability from cvelistv5 – Published: 2019-11-05 12:47 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
Severity ?
No CVSS data available.
CWE
- Nickname Change XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61096"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Nickname Change XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T12:47:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61096"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Nickname Change XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://vuldb.com/?id.9442",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9442"
},
{
"name": "https://www.securityfocus.com/bid/61096",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61096"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4107",
"datePublished": "2019-11-05T12:47:12",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2257 (GCVE-0-2013-2257)
Vulnerability from cvelistv5 – Published: 2019-11-04 16:41 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
Severity ?
No CVSS data available.
CWE
- Brute Force Weakness
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Brute Force Weakness",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:41:52",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.42"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Brute Force Weakness"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61087",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2257",
"datePublished": "2019-11-04T16:41:52",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2258 (GCVE-0-2013-2258)
Vulnerability from cvelistv5 – Published: 2019-11-04 16:35 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22 has Nickname User Impersonation
Severity ?
No CVSS data available.
CWE
- User Impersonation Spoofing
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Nickname User Impersonation"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User Impersonation Spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:35:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Nickname User Impersonation"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Impersonation Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61088",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2258",
"datePublished": "2019-11-04T16:35:11",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2259 (GCVE-0-2013-2259)
Vulnerability from cvelistv5 – Published: 2019-11-04 16:32 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:32:03",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61089",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2259",
"datePublished": "2019-11-04T16:32:03",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4105 (GCVE-0-2013-4105)
Vulnerability from cvelistv5 – Published: 2019-11-04 16:27 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
Severity ?
No CVSS data available.
CWE
- Plaintext Traffic Disclosure
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Plaintext Traffic Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:27:30",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61110"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Plaintext Traffic Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61110",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61110"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4105",
"datePublished": "2019-11-04T16:27:30",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2260 (GCVE-0-2013-2260)
Vulnerability from cvelistv5 – Published: 2019-11-04 16:15 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
Severity ?
No CVSS data available.
CWE
- Key Entropy Weakness
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9435"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61091/info"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Key Entropy Weakness",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:15:31",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9435"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61091/info"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Key Entropy Weakness"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://vuldb.com/?id.9435",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9435"
},
{
"name": "https://www.securityfocus.com/bid/61091/info",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61091/info"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2260",
"datePublished": "2019-11-04T16:15:31",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4106 (GCVE-0-2013-4106)
Vulnerability from nvd – Published: 2019-11-14 19:56 – Updated: 2024-08-06 16:30
VLAI?
Summary
A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22.
Severity ?
No CVSS data available.
CWE
- Overview Nickname XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61099"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/pl/?id.9433"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"datePublic": "2012-11-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Overview Nickname XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:56:24",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61099"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/pl/?id.9433"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Cross-site scripting (XSS) vulnerability exists in Conversation Overview Nickname in Cryptocat before 2.0.22."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Overview Nickname XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61099",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61099"
},
{
"name": "https://vuldb.com/pl/?id.9433",
"refsource": "MISC",
"url": "https://vuldb.com/pl/?id.9433"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4106",
"datePublished": "2019-11-14T19:56:24",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4108 (GCVE-0-2013-4108)
Vulnerability from nvd – Published: 2019-11-14 19:14 – Updated: 2024-08-06 16:30
VLAI?
Summary
Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- Unspecified Minor Issues
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.043Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "2.0.18"
}
]
}
],
"datePublic": "2012-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Unspecified Minor Issues",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:14:44",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4108",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "2.0.18"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Cryptocat Project Cryptocat 2.0.18 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unspecified Minor Issues"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4108",
"datePublished": "2019-11-14T19:14:44",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.043Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4109 (GCVE-0-2013-4109)
Vulnerability from nvd – Published: 2019-11-14 19:00 – Updated: 2024-08-06 16:30
VLAI?
Summary
An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165.
Severity ?
No CVSS data available.
CWE
- Handling Unspecified XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cryptocat | Message Handling |
Affected:
1.1.165
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61097"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/es/?id.9445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Message Handling",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "1.1.165"
}
]
}
],
"datePublic": "2012-08-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Handling Unspecified XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-14T19:00:37",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61097"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/es/?id.9445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4109",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Message Handling",
"version": {
"version_data": [
{
"version_value": "1.1.165"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An unspecified cross-site scripting (XSS) vulnerability exists in Cryptocat Message Handling 1.1.165."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Handling Unspecified XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61097",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61097"
},
{
"name": "https://vuldb.com/es/?id.9445",
"refsource": "MISC",
"url": "https://vuldb.com/es/?id.9445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4109",
"datePublished": "2019-11-14T19:00:37",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.083Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4110 (GCVE-0-2013-4110)
Vulnerability from nvd – Published: 2019-11-05 12:51 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat has an Unspecified Chat Participant User List Disclosure
Severity ?
No CVSS data available.
CWE
- User List Disclosure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61117"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9446"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "Fixed in 2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat has an Unspecified Chat Participant User List Disclosure"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User List Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T12:51:50",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61117"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9446"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4110",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "Fixed in 2.0"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat has an Unspecified Chat Participant User List Disclosure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User List Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61117",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61117"
},
{
"name": "https://vuldb.com/?id.9446",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9446"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4110",
"datePublished": "2019-11-05T12:51:50",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4107 (GCVE-0-2013-4107)
Vulnerability from nvd – Published: 2019-11-05 12:47 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting
Severity ?
No CVSS data available.
CWE
- Nickname Change XSS
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.026Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9442"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61096"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Nickname Change XSS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-05T12:47:12",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9442"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61096"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4107",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22: cryptocat.js handlePresence() has cross site scripting"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Nickname Change XSS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://vuldb.com/?id.9442",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9442"
},
{
"name": "https://www.securityfocus.com/bid/61096",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61096"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4107",
"datePublished": "2019-11-05T12:47:12",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.026Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2257 (GCVE-0-2013-2257)
Vulnerability from nvd – Published: 2019-11-04 16:41 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness
Severity ?
No CVSS data available.
CWE
- Brute Force Weakness
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.42"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Brute Force Weakness",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:41:52",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.42"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.42 has Group Chat ECC Private Key Generation Brute Force Weakness"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Brute Force Weakness"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61087",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2257",
"datePublished": "2019-11-04T16:41:52",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2258 (GCVE-0-2013-2258)
Vulnerability from nvd – Published: 2019-11-04 16:35 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22 has Nickname User Impersonation
Severity ?
No CVSS data available.
CWE
- User Impersonation Spoofing
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.080Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61088"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Nickname User Impersonation"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "User Impersonation Spoofing",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:35:11",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61088"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Nickname User Impersonation"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "User Impersonation Spoofing"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61088",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61088"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2258",
"datePublished": "2019-11-04T16:35:11",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.080Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2259 (GCVE-0-2013-2259)
Vulnerability from nvd – Published: 2019-11-04 16:32 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview
Severity ?
No CVSS data available.
CWE
- Arbitrary Code Execution
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.094Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:32:03",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Arbitrary Code Execution on Firefox Conversation Overview"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61089",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2259",
"datePublished": "2019-11-04T16:32:03",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4105 (GCVE-0-2013-4105)
Vulnerability from nvd – Published: 2019-11-04 16:27 – Updated: 2024-08-06 16:30
VLAI?
Summary
Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure
Severity ?
No CVSS data available.
CWE
- Plaintext Traffic Disclosure
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.087Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61110"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Plaintext Traffic Disclosure",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:27:30",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61110"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4105",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22 has Multiparty Encryption Scheme Information Disclosure"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Plaintext Traffic Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://www.securityfocus.com/bid/61110",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61110"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4105",
"datePublished": "2019-11-04T16:27:30",
"dateReserved": "2013-06-12T00:00:00",
"dateUpdated": "2024-08-06T16:30:50.087Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2260 (GCVE-0-2013-2260)
Vulnerability from nvd – Published: 2019-11-04 16:15 – Updated: 2024-08-06 15:27
VLAI?
Summary
Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness
Severity ?
No CVSS data available.
CWE
- Key Entropy Weakness
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:41.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.9435"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.securityfocus.com/bid/61091/info"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Cryptocat",
"vendor": "Cryptocat",
"versions": [
{
"status": "affected",
"version": "before 2.0.22"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Key Entropy Weakness",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-04T16:15:31",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://tobtu.com/decryptocat.php"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.9435"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.securityfocus.com/bid/61091/info"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-2260",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Cryptocat",
"version": {
"version_data": [
{
"version_value": "before 2.0.22"
}
]
}
}
]
},
"vendor_name": "Cryptocat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cryptocat before 2.0.22: Cryptocat.random() Function Array Key has Entropy Weakness"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Key Entropy Weakness"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2013/07/10/15",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2013/07/10/15"
},
{
"name": "https://tobtu.com/decryptocat.php",
"refsource": "MISC",
"url": "https://tobtu.com/decryptocat.php"
},
{
"name": "https://vuldb.com/?id.9435",
"refsource": "MISC",
"url": "https://vuldb.com/?id.9435"
},
{
"name": "https://www.securityfocus.com/bid/61091/info",
"refsource": "MISC",
"url": "https://www.securityfocus.com/bid/61091/info"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2260",
"datePublished": "2019-11-04T16:15:31",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:41.091Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}