Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-16215

Опубликовано: 18 сент. 2019
Источник: debian
EPSS Низкий

Описание

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
zulip-serveritppackage

EPSS

Процентиль: 65%
0.00488
Низкий

Связанные уязвимости

nvd логотип

CVE-2019-16215

CVSS3: 6.5
nvd
больше 6 лет назад

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

github логотип

GHSA-mmx6-xv2h-w7x8

CVSS3: 6.5
github
больше 3 лет назад

The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.

EPSS

Процентиль: 65%
0.00488
Низкий