Vulnerable Regular Expression #5
Comments
|
@cristianstaicu, thanks for sharing the concern. Yes can you share the example. I can bake it as a test case. |
|
@cristianstaicu did you provide @skoranga with a proof of concept yet? |
|
🛠️ A fix has been provided for this issue. Please reference: 418sec#1 🔥 This fix has been provided through the https://huntr.dev/ bug bounty platform. |
|
Would it be possible to get a security advisory created for this? Only maintainers on the repo can draft it otherwise I'd help. Instructions can be found here https://docs.github.com/en/github/managing-security-vulnerabilities/creating-a-security-advisory |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The following regular expression introduced for validating the hostname is vulnerable to ReDoS:
/^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9]).)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9-]*[A-Za-z0-9])$/The slowdown is very serious: for 40 characters around 5 seconds matching time. I would suggest one of the following:
Moreover, the regular expression allows validation bypassing and hence arbitrary command execution!!!
If needed, I can provide an actual example showing the slowdown or the validation bypass.
The text was updated successfully, but these errors were encountered: