An issue was discovered in Mattermost Server before 5.9.0, 5.8.1, 5.7.3, and 4.10.8. The Markdown library allows catastrophic backtracking.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mattermost_server | Mattermost | * | 4.10.8 (excluding) |
| Mattermost_server | Mattermost | 5.7.0 (including) | 5.7.3 (excluding) |
| Mattermost_server | Mattermost | 5.8.0 (including) | 5.8.1 (excluding) |
| Mattermost_server | Mattermost | 5.9.0-rc1 (including) | 5.9.0-rc1 (including) |
| Mattermost_server | Mattermost | 5.9.0-rc2 (including) | 5.9.0-rc2 (including) |
| Mattermost_server | Mattermost | 5.9.0-rc3 (including) | 5.9.0-rc3 (including) |
| Mattermost_server | Mattermost | 5.9.0-rc4 (including) | 5.9.0-rc4 (including) |