Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks, which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://mattermost.com/security-updates |
History
No history.
MITRE
Status: PUBLISHED
Assigner: Mattermost
Published: 2024-04-16T09:05:04.719Z
Updated: 2024-08-01T20:26:57.005Z
Reserved: 2024-04-16T08:51:45.288Z
Link: CVE-2024-3872
Vulnrichment
Updated: 2024-08-01T20:26:57.005Z
NVD
Status : Awaiting Analysis
Published: 2024-04-16T09:15:08.817
Modified: 2024-04-16T13:24:07.103
Link: CVE-2024-3872
Redhat
No data.