7.5
CVE-2024-46935
- EPSS 0.57%
- Veröffentlicht 25.09.2024 01:15:44
- Zuletzt bearbeitet 25.03.2025 17:16:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginRocket.Chat 6.12.0, 6.11.2, 6.10.5, 6.9.6, 6.8.6, 6.7.8, and earlier is vulnerable to denial of service (DoS). Attackers who craft messages with specific characters may crash the workspace due to an issue in the message parser.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rocket.Chat ≫ Rocket.Chat Version < 6.7.9
Rocket.Chat ≫ Rocket.Chat Version >= 6.8.0 < 6.8.7
Rocket.Chat ≫ Rocket.Chat Version >= 6.9.0 < 6.9.7
Rocket.Chat ≫ Rocket.Chat Version >= 6.10.0 < 6.10.6
Rocket.Chat ≫ Rocket.Chat Version >= 6.11.0 < 6.11.3
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Update-
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc1
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc2
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc3
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc4
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc5
Rocket.Chat ≫ Rocket.Chat Version6.12.0 Updaterc6
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.57% | 0.426 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
https://docs.rocket.chat/docs/rocketchat-security-fixes-updates-and-advisories
https://github.com/RocketChat/Rocket.Chat/pull/33227