{"id":"CVE-2019-16215","details":"The Markdown parser in Zulip server before 2.0.5 used a regular expression vulnerable to exponential backtracking. A user who is logged into the server could send a crafted message causing the server to spend an effectively arbitrary amount of CPU time and stall the processing of future messages.","modified":"2026-04-10T04:15:06.627246Z","published":"2019-09-18T12:15:10.910Z","references":[{"type":"ADVISORY","url":"https://blog.zulip.org/2019/09/11/zulip-server-2-0-5-security-release/"},{"type":"FIX","url":"https://github.com/zulip/zulip/commit/5797f013b3be450c146a4141514bda525f2f1b51"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zulip/zulip","events":[{"introduced":"0"},{"fixed":"2bb3af1ade5bb3613dc88d44164abbe1230cd679"},{"fixed":"5797f013b3be450c146a4141514bda525f2f1b51"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.0.5"}]}}],"versions":["1.3.0","1.3.1","1.3.10","1.3.11","1.3.13","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","1.3.9","1.4.0","1.5.0","1.6.0","1.7.0","1.8.0","1.8.0-rc1","1.9.0","1.9.0-rc2","1.9.0-rc3","2.0.0","2.0.0-rc1","2.0.1","2.0.2","2.0.3","2.0.4","enterprise-1.1.5","enterprise-1.2.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-16215.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}