CVE-2022-41964
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2022-41964
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-41964.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2022-41964
- Related
- Published
- 2022-12-16T18:15:08Z
- Modified
- 2025-05-24T03:32:47.356943Z
- Severity
-
- 5.7 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
BigBlueButton is an open source web conferencing system. This vulnerability only affects release candidates of BigBlueButton 2.4. The attacker can start a subscription for poll results before starting an anonymous poll, and use this subscription to see individual responses in the anonymous poll. The attacker had to be a meeting presenter. This issue is patched in version 2.4.0. There are no workarounds.
- References
Affected packages
Git / github.com/bigbluebutton/bigbluebutton
Affected ranges
- Type
- GIT
- Repo
- https://github.com/bigbluebutton/bigbluebutton
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixed
Affected versions
0.*
0.81-dev-deskshare-fixes-compatible-with-0.8
2.*
2.2-beta-10
2.2-beta-11
2.2-beta-12
2.2-beta-14
2.2-beta-15
2.2-beta-16
2.2-beta-17
2.2-beta-18
2.2-beta-19
2.2-beta-2
2.2-beta-20
2.2-beta-21
2.2-beta-22
2.2-beta-23
2.2-beta-3
2.2-beta-4
2.2-beta-5
2.2-beta-6
2.2-beta-7
2.2-beta-8
2.2-beta-9
2.2-rc-1
2.2-rc-2
2.2-rc-3
2.2-rc-4
2.2-rc-5
2.2-rc-6
2.4-rc-2
Other
dcs-2-a
pre-recording-merge
v0.*
v0.7
v0.71
v0.71a
v0.8
v0.81
v0.81b
v0.81rc
v0.81rc2
v0.81rc3
v0.81rc4
v0.81rc5
v0.8b4
v0.8b4.0
v0.8rc2
v0.9.0-beta
v0.9.1
v0.9.2
v1.*
v1.0.0
v1.1.0
v2.*
v2.0-rc2
v2.0-rc3
v2.0-rc4
v2.0-rc5
v2.0-rc6
v2.0-rc7
v2.0.x-html5-beta1
v2.2.0
v2.2.1
v2.2.10
v2.2.11-good
v2.2.12
v2.2.14
v2.2.15
v2.2.16
v2.2.17
v2.2.18
v2.2.19
v2.2.2
v2.2.20
v2.2.21
v2.2.22
v2.2.23
v2.2.24
v2.2.25
v2.2.26
v2.2.27
v2.2.28
v2.2.29
v2.2.3
v2.2.30
v2.2.31
v2.2.32
v2.2.33
v2.2.34
v2.2.35
v2.2.36
v2.2.4
v2.2.5
v2.2.6
v2.2.7
v2.2.8
v2.2.9
v2.3-alpha-1
v2.3-alpha-2
v2.3-alpha-3
v2.3-alpha-4
v2.3-alpha-5
v2.3-alpha-6
v2.3-alpha-7
v2.3-alpha-8
v2.3-beta-1
v2.3-beta-2
v2.3-beta-3
v2.3-beta-4
v2.3-beta-5
v2.3-rc-1
v2.3-rc-2
v2.3.0
v2.3.1
v2.3.10
v2.3.11
v2.3.12
v2.3.13
v2.3.14
v2.3.2
v2.3.3
v2.3.4
v2.3.5
v2.3.6
v2.3.7
v2.3.8
v2.3.9
v2.4-alpha-1
v2.4-alpha-2
v2.4-beta-1
v2.4-beta-2
v2.4-beta-3
v2.4-beta-4
v2.4-rc-1
v2.4-rc-3
v2.4-rc-4
v2.4-rc-5
v2.4-rc-6
v2.4-rc-7