The Markdown parser in Zulip server befo... CVE-2019-16215

4.0 AV AC AU C I A
发布: 2019-09-18
修订: 2019-09-27

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

0%
暂无可用Exp或PoC
当前有44条受影响产品信息