Regular Expression Denial of Service (ReDoS) Vulnerability in Rocket.Chat

Regular Expression Denial of Service (ReDoS) Vulnerability in Rocket.Chat

CVE-2021-32832 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could lead potentially to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13.

Learn more about our Web Application Penetration Testing UK.