CVE-2024-46935

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:*

History

26 Sep 2024, 17:39

Type Values Removed Values Added
CWE NVD-CWE-noinfo
First Time Rocket.chat
Rocket.chat rocket.chat
References () https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories - () https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories - Release Notes
References () https://github.com/RocketChat/Rocket.Chat/pull/33227 - () https://github.com/RocketChat/Rocket.Chat/pull/33227 - Patch
CPE cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:-:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc2:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc4:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc1:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc5:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc3:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:*:*:*:*:*:*:*:*
cpe:2.3:a:rocket.chat:rocket.chat:6.12.0:rc6:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5

26 Sep 2024, 13:32

Type Values Removed Values Added
Summary
  • (es) Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8 y versiones anteriores son vulnerables a ataques de denegación de servicio (DoS). Los atacantes que creen mensajes con caracteres específicos pueden bloquear el espacio de trabajo debido a un problema en el analizador de mensajes.

25 Sep 2024, 01:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-25 01:15

Updated : 2024-09-26 17:39


NVD link : CVE-2024-46935

Mitre link : CVE-2024-46935

CVE.ORG link : CVE-2024-46935


JSON object : View

Products Affected

rocket.chat

  • rocket.chat