CVE-2022-22780
First published: Wed Feb 09 2022(Updated: )
The Zoom Client for Meetings chat functionality was susceptible to Zip bombing attacks in the following product versions: Android before version 5.8.6, iOS before version 5.9.0, Linux before version 5.8.6, macOS before version 5.7.3, and Windows before version 5.6.3. This could lead to availability issues on the client host by exhausting system resources.
Credit: security@zoom.us
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Zoom Meetings | <5.6.3 | |
| Zoom Meetings | <5.7.3 | |
| Zoom Meetings | <5.8.6 | |
| Zoom Meetings | <5.8.6 | |
| Zoom Meetings | <5.9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-22780?
CVE-2022-22780 is a vulnerability in the Zoom Client for Meetings chat functionality that was susceptible to Zip bombing attacks.
Which versions of Zoom are affected by CVE-2022-22780?
The following versions of Zoom are affected: Android before version 5.8.6, iOS before version 5.9.0, Linux before version 5.8.6, macOS before version 5.7.3, and Windows before version 5.6.3.
What is the severity of CVE-2022-22780?
CVE-2022-22780 has a severity rating of high (6.5).
How can I fix CVE-2022-22780?
Update your Zoom Client for Meetings to the latest version available to mitigate the vulnerability.
Where can I find more information about CVE-2022-22780?
You can find more information about CVE-2022-22780 in the Zoom security bulletin: [https://explore.zoom.us/en/trust/security/security-bulletin](https://explore.zoom.us/en/trust/security/security-bulletin)
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/description
- agent/tags
- agent/event
- agent/last-modified-date
- agent/first-publish-date
- agent/softwarecombine
- vendor/zoom
- canonical/zoom meetings