CVE-2024-36612
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Nov 29, 2024
Updated: Dec 2, 2024
CWE ID 125
Summary
CVE-2024-36612 represents a memory leak vulnerability discovered in Zulip versions 8.0 to 8.3. This issue arises from the application's handling of popovers, allowing an attacker to potentially exploit the memory leak and execute arbitrary code or cause a denial-of-service condition. The vulnerability might be exploited by malicious actors to gain unauthorized access or cause system instability. Users are strongly encouraged to update their Zulip installations to the latest, secure version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share