What the vulnerability does
01Description
Improper input validation in some Zoom Apps may allow an unauthenticated user to conduct a disclosure of information via network access.
CVSS base score
8.1/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
Key dates
02Disclosure timeline
November 19, 2024
CVE published
November 19, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2026-22861 iccDEV has a heap-buffer-overflow in SIccCalcOp::Describe() at IccProfLib/IccMpeCalc.cpp
CVE-2024-50306 Apache Traffic Server: Server process can fail to drop privilege
CVE-2023-3247 Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP
CVE-2026-31830 sigstore-ruby verifier returns success for DSSE bundles with mismatched in-toto subject digest
CVE-2021-41041
