{"uuid": "233214ff-010d-4eb7-916d-cf2f68c85a1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-34425", "type": "seen", "source": "https://t.me/cibsecurity/33969", "content": "\u203c CVE-2021-34425 \u203c\n\nThe Zoom Client for Meetings before version 5.7.3 (for Android, iOS, Linux, macOS, and Windows) contain a server side request forgery vulnerability in the chat\u00e2\u20ac\u2122s \u00e2\u20ac\u0153link preview\u00e2\u20ac\ufffd functionality. In versions prior to 5.7.3, if a user were to enable the chat\u00e2\u20ac\u2122s \u00e2\u20ac\u0153link preview\u00e2\u20ac\ufffd feature, a malicious actor could trick the user into potentially sending arbitrary HTTP GET requests to URLs that the actor cannot reach directly.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-14T22:14:39.000000Z"}