Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link.
References
Link | Resource |
---|---|
https://mattermost.com/security-updates |
Configurations
No configuration.
History
16 Apr 2024, 13:24
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
16 Apr 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-04-16 09:15
Updated : 2024-04-16 13:24
NVD link : CVE-2024-3872
Mitre link : CVE-2024-3872
CVE.ORG link : CVE-2024-3872
JSON object : View
Products Affected
No product.
CWE
CWE-400
Uncontrolled Resource Consumption