![]() "The login service of the web console for the products Zoom On-Premise Meeting Connector Controller, Zoom On-Premise Meeting Connector MMR, Zoom On-Premise Recording Connector, Zoom On-Premise Virtual Room Connector and Zoom On-Premise Virtual Room Connector Load Balancer, fails to validate that a NULL byte was sent while authenticating, which could lead to a crash of the login service," Zoom notes. The vulnerability tracked as CVE-2021-34419, with a CVSS score 3.7, affects Zoom Client for Meetings for Ubuntu Linux before version 5.1.0. ![]() "There is an HTML injection flaw when sending a remote control request to a user in the process of in-meeting screen sharing. This could allow meeting participants to be targeted for social engineering attacks," Zoom notes. One of the lowest-rated vulnerabilities patched, tracked as CVE-2021-34421, had a CVSS score of 3.7 and affects Keybase clients for Android and iOS. ![]() The vulnerability affects Android before version 5.8.0 and iOS before version 5.8.0. The Keybase Client for Android and iOS fails to remove exploded messages initiated by a user if the receiving user places the chat session in the background while the sending user explodes the messages, which could lead to disclosure of sensitive information that was meant to be deleted from the customer’s device. #Flaws in zoom keybase kept chat software#.#Flaws in zoom keybase kept chat for android#.#Flaws in zoom keybase kept chat Patch#.
0 Comments
Leave a Reply. |