CVE-2024-24975

CWE-400Uncontrolled Resource Consumption3 documents3 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 69.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mattermost Mattermost Mobile
Timeline
PublishedMar 15

Description

Uncontrolled Resource Consumption in Mattermost Mobile versions before 2.13.0 fails to limit the size of the code block that will be processed by the syntax highlighter, allowing an attacker to send a very large code block and crash the mobile app.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:LExploitability: 2.1 | Impact: 1.4

Affected Packages2 packages

🔴Vulnerability Details

2
CVEList
Denial of Service for mobile app users due to automatic code highlighting2024-03-15
GHSA
GHSA-8jjg-p984-x7q6: Uncontrolled Resource Consumption in Mattermost Mobile versions before 22024-03-15
CVE-2024-24975 (MEDIUM CVSS 6.5) | Uncontrolled Resource Consumption i | cvebase.io