By the Year
In 2021 there have been 1 vulnerability in Mumble with an average score of 8.8 out of ten. Mumble did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2021 as compared to last year.
It may take a day or so for new Mumble vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.
Latest Mumble Security Vulnerabilities
Mumble before 1.3.4
8.8 - High
- February 16, 2021
Mumble before 1.3.4 allows remote code execution if a victim navigates to a crafted URL on a server list and clicks on the Open Webpage text.
CVE-2021-27229 can be explotited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.
insecure temporary file
murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests
7.5 - High
- January 25, 2019
murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood.
CVE-2018-20743 can be explotited with network access, and does not require authorization privledges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Improper Input Validation