CVE-2019-16215
Published
CVSS v3
6.5
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.
Zulip server and web application. Open-source team chat that helps teams stay productive and focused.
GitHub