Inefficient Regular Expression Complexity in rails-html-sanitizer
High severity
GitHub Reviewed
Published
Dec 13, 2022
in
rails/rails-html-sanitizer
•
Updated Sep 14, 2023
Description
Published to the GitHub Advisory Database
Dec 13, 2022
Reviewed
Dec 13, 2022
Published by the National Vulnerability Database
Dec 14, 2022
Last updated
Sep 14, 2023
Summary
Certain configurations of rails-html-sanitizer
< 1.4.4
use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption.Mitigation
Upgrade to rails-html-sanitizer
>= 1.4.4
.Severity
The maintainers have evaluated this as High Severity 7.5 (CVSS3.1).
References
Credit
This vulnerability was responsibly reported by @ooooooo-q (https://github.com/ooooooo-q).
References