CVE-2024-46935

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-46935
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46935.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-46935
Aliases
Published
2024-09-25T01:15:44.650Z
Modified
2026-04-10T05:17:13.106700Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.

References

Affected packages

Git / github.com/rocketchat/rocket.chat

Affected ranges

Type
GIT
Repo
https://github.com/rocketchat/rocket.chat
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
f31f31ef96e54751f0e7ba45eb70457ae83df798
Introduced
87005cbff2c8a2a5b066991de94e680b82f6590c
Fixed
9f4a610672ab2bd7e228e27567a1e1da0cf6c6eb
Introduced
3b820dcd208302b880dfea14b26962e8c63a87ce
Fixed
ec179e79d45766ae28743e288cb0d72dcd0f97cf
Introduced
623a265851c5eea52c293ddd2fee6a549a5eae87
Fixed
b0bb7f0d0bf1026b7f9cf500833b018af70a7222
Introduced
640d569eeb0ea4e46b8525b84b27d56fab661a41
Fixed
536884c6522a5f75d5faddd7ab65d1e6a19a7f43
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ecff0a61cc9dce7597743799da098629ad9a088d
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "6.7.9"
        },
        {
            "introduced": "6.8.0"
        },
        {
            "fixed": "6.8.7"
        },
        {
            "introduced": "6.9.0"
        },
        {
            "fixed": "6.9.7"
        },
        {
            "introduced": "6.10.0"
        },
        {
            "fixed": "6.10.6"
        },
        {
            "introduced": "6.11.0"
        },
        {
            "fixed": "6.11.3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "6.12.0-NA"
        }
    ]
}

Affected versions

0.*
0.10.0
0.10.1
0.10.2
0.11.0
0.13.0
0.14.0
0.15.0
0.16.0
0.17.0
0.18.0
0.19.0
0.23.0
0.24.0
0.25.0
0.26.0
0.27.0
0.28.0
0.29.0
0.30.0
0.36.0
0.37.0
0.37.1
0.38.0
0.39.0
0.40.0
0.40.1
0.41.0
0.42.0
0.43.0
0.44.0
0.45.0
0.46.0
0.48.0
0.49.0
0.49.1
0.49.2
0.49.3
0.49.4
0.50.0
0.54.0
0.54.1
0.56.0
0.56.0-rc.0
0.56.0-rc.1
0.56.0-rc.2
0.56.0-rc.3
0.56.0-rc.4
0.56.0-rc.5
0.56.0-rc.6
0.56.0-rc.7
0.57.0
0.57.1
0.57.2
0.58.0
0.58.1
0.58.2
0.59.0
0.59.1
0.59.2
0.59.3
0.59.4
0.59.5
0.59.6
0.60.0
0.60.1
0.60.2
0.60.3
0.60.4
0.61.0
0.61.1
0.61.2
0.62.0
0.62.1
0.62.2
0.63.0
0.63.1
0.63.2
0.63.3
0.64.0
0.64.1
0.64.2
0.65.0
0.65.1
0.65.2
0.66.0
0.66.1
0.66.2
0.66.3
0.67.0
0.68.0
0.68.1
0.68.2
0.68.3
0.68.4
0.68.5
0.69.0
0.69.1
0.69.2
0.70.0
0.70.1
0.70.2
0.70.3
0.70.4
0.71.0
0.71.1
0.72.0
0.72.1
0.72.2
0.72.3
0.73.0
0.73.1
0.73.2
0.74.0
0.74.1
0.74.2
0.74.3
0.8.0
1.*
1.0.0
1.0.1
1.0.2
1.0.3
1.1.0
1.1.1
1.1.2
1.1.3
1.2.0
1.2.1
1.3.0
1.3.1
1.3.2
2.*
2.0.0
2.1.0
2.1.1
2.1.2
2.2.0
2.3.0
2.3.1
2.3.2
2.4.0
2.4.1
2.4.2
2.4.3
2.4.4
2.4.5
2.4.6
2.4.7
2.4.8
2.4.9
3.*
3.0.0
3.0.1
3.0.10
3.0.11
3.0.12
3.0.2
3.0.3
3.0.4
3.0.5
3.0.6
3.0.7
3.0.8
3.0.9
3.1.0
3.1.1
3.1.2
3.10.0
3.10.1
3.10.2
3.10.3
3.10.4
3.10.5
3.11.0
3.11.1
3.12.0
3.12.1
3.12.2
3.12.3
3.13.0
3.13.1
3.13.2
3.13.3
3.14.0
3.14.1
3.14.2
3.14.3
3.14.4
3.15.0
3.15.1
3.15.2
3.16.0
3.16.1
3.16.2
3.16.3
3.16.4
3.17.0
3.17.1
3.17.2
3.18.0
3.18.1
3.18.2
3.2.0
3.2.1
3.2.2
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
3.5.0
3.5.1
3.5.2
3.5.3
3.5.4
3.6.0
3.6.1
3.6.2
3.6.3
3.7.0
3.7.1
3.7.2
3.8.0
3.8.1
3.8.2
3.9.0
3.9.1
3.9.2
3.9.3
4.*
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.1.0
4.1.1
4.1.2
4.2.0
4.2.1
4.2.2
4.3.0
4.3.1
4.3.2
4.3.3
4.4.0
4.4.1
4.4.2
4.4.4
4.5.0
4.5.1
4.5.2
4.5.3
4.5.4
4.5.5
4.6.0
4.6.1
4.6.2
4.6.3
4.7.0
4.7.1
4.7.2
4.7.3
4.8.0
4.8.2
5.*
5.0.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.1.0
5.1.1
5.1.3
5.1.4
5.2.0
5.3.0
5.3.1
5.3.2
5.3.4
5.3.5
5.4.0
5.4.1
5.4.2
5.4.3
5.4.4
6.*
6.0.0
6.0.1
6.1.0
6.1.1
6.1.2
6.1.3
6.1.4
6.1.5
6.1.6
6.1.7
6.10.0
6.10.1
6.10.2
6.10.3
6.10.4
6.10.5
6.11.0
6.11.1
6.11.2
6.12.0
6.2.0
6.2.1
6.2.10
6.2.11
6.2.2
6.2.3
6.2.4
6.2.5
6.2.6
6.2.8
6.2.9
6.3.0
6.3.1
6.3.2
6.3.3
6.3.4
6.3.5
6.3.6
6.3.7
6.3.8
6.4.0
6.4.1
6.4.2
6.4.3
6.4.4
6.4.5
6.4.6
6.4.7
6.4.8
6.5.0
6.5.1
6.5.2
6.5.3
6.6.0
6.6.1
6.6.2
6.6.3
6.6.4
6.6.5
6.6.6
6.7.0
6.7.1
6.7.2
6.7.3
6.7.4
6.7.5
6.7.6
6.7.7
6.7.8
6.8.0
6.8.1
6.8.2
6.8.3
6.8.4
6.8.5
6.8.6
6.9.0
6.9.1
6.9.2
6.9.3
6.9.4
6.9.5
6.9.6

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc1"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc2"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc3"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc4"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc5"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "6.12.0-rc6"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46935.json"