Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
References
Link | Resource |
---|---|
https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories | Release Notes |
https://github.com/RocketChat/Rocket.Chat/pull/33227 | Patch |
Configurations
Configuration 1 (hide)
|
History
26 Sep 2024, 17:39
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
First Time |
Rocket.chat
Rocket.chat rocket.chat |
|
References | () https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories - Release Notes | |
References | () https://github.com/RocketChat/Rocket.Chat/pull/33227 - Patch | |
CPE | cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:* cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
26 Sep 2024, 13:32
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
25 Sep 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-25 01:15
Updated : 2024-09-26 17:39
NVD link : CVE-2024-46935
Mitre link : CVE-2024-46935
CVE.ORG link : CVE-2024-46935
JSON object : View
Products Affected
rocket.chat
- rocket.chat
CWE