CVE-2024-3872 Information

Description

Mattermost Mobile app versions 2.13.0 and earlier use a regular expression with polynomial complexity to parse certain deeplinks which allows an unauthenticated remote attacker to freeze or crash the app via a long maliciously crafted link.

Reference

https://mattermost.com/security-updates