CVE-2024-46935

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-46935

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46935.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-46935

Aliases

GHSA-6375-pg5j-8wph

Published

2024-09-25T01:15:44.650Z

Modified

2026-02-05T06:05:58.099570Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

Rocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.

References

Affected packages

Git / github.com/rocketchat/rocket.chat

Affected ranges

Type: GIT
Repo: https://github.com/rocketchat/rocket.chat
Events: Introduced

640d569eeb0ea4e46b8525b84b27d56fab661a41

Fixed

536884c6522a5f75d5faddd7ab65d1e6a19a7f43

Introduced

87005cbff2c8a2a5b066991de94e680b82f6590c

Fixed

9f4a610672ab2bd7e228e27567a1e1da0cf6c6eb

Introduced

623a265851c5eea52c293ddd2fee6a549a5eae87

Fixed

b0bb7f0d0bf1026b7f9cf500833b018af70a7222

Introduced

3b820dcd208302b880dfea14b26962e8c63a87ce

Fixed

ec179e79d45766ae28743e288cb0d72dcd0f97cf

Fixed

f31f31ef96e54751f0e7ba45eb70457ae83df798

Affected versions

6.*

6.10.0

6.10.0-rc.0

6.10.0-rc.1

6.10.0-rc.2

6.10.0-rc.3

6.10.0-rc.4

6.10.0-rc.5

6.10.0-rc.6

6.10.0-rc.7

6.10.1

6.10.2

6.10.3

6.10.4

6.10.5

6.11.0

6.11.1

6.11.2

6.8.0

6.9.0

6.9.0-rc.0

6.9.0-rc.1

6.9.0-rc.2

6.9.1

6.9.2

6.9.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-46935.json"