A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of the RedCloth gem, affecting every 4.x release from v4.0.0 up to and including the latest, v4.3.2. An attacker who can get input to sanitize_html, for example by submitting Textile that the application renders with the :sanitize_html restriction, can supply a crafted payload that keeps the regex engine backtracking and causes a Denial of Service (DoS).
As per OWASP: "The Regular expression Denial of Service (ReDoS) is a Denial of Service attack that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time." For more information, refer to the OWASP ReDoS page.
- Affected versions: RedCloth gem >= 4.0.0 (all 4.x releases, including the latest, 4.3.2)
- Patched version: none (not fixed yet)
- CVE ID: CVE-2023-31606
- Vulnerability type: Regular Expression Denial of Service (ReDoS), CWE-1333 (Inefficient Regular Expression Complexity)
- The sanitize_html function of RedCloth rewrites every HTML tag in its input with the regex below, which captures an optional closing slash, the tag name, the attribute string and an optional trailing " /":
/<(\/*)([A-Za-z]\w*)([^>]*?)(\s?\/?)>/
- This regex is applied to the user input passed to sanitize_html, so the attacker controls the text it scans.
- The capture groups overlap: \w* and [^>]*? both accept word characters, and [^>]*? and \s? both accept whitespace. When no closing ">" ever arrives, the engine retries every way of splitting the input between those groups before giving up, so an input such as "<" followed by a long run of letters costs a number of steps that grows with the square of its length. An attacker can therefore cause a Denial of Service (DoS) by supplying a crafted payload that is only tens of kilobytes long.
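As an added illustration, not part of the original advisory and not RedCloth's own code, the script below times the advisory's regex against a crafted input and compares it with a hypothetical hardened rewrite that keeps the same four-capture layout so existing call sites indexing $1..$4 would keep working. The constants VULNERABLE_TAG_RE, HARDENED_TAG_RE and TRAILING_RE and the methods first_tag_vulnerable, first_tag_hardened, crafted_payload and with_regexp_timeout are names assumed here. Two caveats: on Ruby 3.2 and later the interpreter's own regex memoization may already run the original pattern in linear time, so the timing gap is most visible on older Rubies; and the rewrite deliberately refuses a "<" inside a tag, which the original pattern accepted as attribute text.

```ruby
require "benchmark"

# The pattern from the advisory (RedCloth's sanitize_html), reproduced for comparison.
# \w*, [^>]*? and \s? accept overlapping characters, so when no ">" ever arrives the
# engine retries every split between them: quadratic work in the input length.
VULNERABLE_TAG_RE = /<(\/*)([A-Za-z]\w*)([^>]*?)(\s?\/?)>/

# Hypothetical hardened replacement (assumed here, not RedCloth's code).
# Possessive quantifiers (*+) forbid backtracking into a group once it has matched,
# and [^<>] stops the attribute scan at the next "<" instead of running to the end
# of the input, so each "<" costs work proportional only to the distance to the
# next "<" or ">".  The optional trailing " /" is split off afterwards with an
# anchored match whose only variable part is a lazy .*? checked once per position.
HARDENED_TAG_RE = /<(\/*+)([A-Za-z]\w*+)([^<>]*+)>/
TRAILING_RE     = /\A(.*?)(\s?\/?)\z/m

# Returns [slashes, name, attrs, trailing] for the first tag in html, or nil.
def first_tag_vulnerable(html)
  m = VULNERABLE_TAG_RE.match(html)
  m && m.captures
end

# Same result shape as first_tag_vulnerable, computed without pathological backtracking.
def first_tag_hardened(html)
  m = HARDENED_TAG_RE.match(html)
  return nil unless m
  body, trailing = TRAILING_RE.match(m[3]).captures
  [m[1], m[2], body, trailing]
end

# Crafted input in the spirit of the advisory (constructed here for the demo):
# an opening "<", a long run of word characters and never a closing ">".
def crafted_payload(n)
  "<" + ("a" * n)
end

# Ruby >= 3.2 can also bound the damage process-wide: any match exceeding the
# limit raises Regexp::TimeoutError.  Older Rubies lack the setter, so the block
# simply runs unbounded there.
def with_regexp_timeout(seconds)
  return yield unless Regexp.respond_to?(:timeout=)
  old = Regexp.timeout
  Regexp.timeout = seconds
  yield
ensure
  Regexp.timeout = old if Regexp.respond_to?(:timeout=)
end

if __FILE__ == $PROGRAM_NAME
  # Doubling n should roughly quadruple the vulnerable time on engines without
  # memoization, while the hardened pattern stays close to linear.
  [2_000, 4_000, 8_000].each do |n|
    payload = crafted_payload(n)
    slow = Benchmark.realtime { first_tag_vulnerable(payload) }
    fast = Benchmark.realtime { first_tag_hardened(payload) }
    printf("n=%-6d vulnerable=%.4fs hardened=%.4fs\n", n, slow, fast)
  end

  # Benign tags must produce identical captures from both patterns.
  ['<br />', '</p>', '<a href="x" target="_blank">', '<img src="a.png"/>'].each do |tag|
    printf("%-32s %s\n", tag, first_tag_hardened(tag).inspect)
  end

  # Mitigation available without touching the regex on Ruby >= 3.2.
  with_regexp_timeout(1.0) do
    first_tag_vulnerable(crafted_payload(8_000))
    puts "match finished inside the 1.0s Regexp.timeout"
  rescue Regexp::TimeoutError
    puts "vulnerable regex exceeded the 1.0s Regexp.timeout"
  end
end
```

The hardened pattern answers the same question as the original (where does the first tag end, and how does it split into slashes, name, attributes and trailing slash) but every quantifier either cannot backtrack or is bounded by an anchor, so a missing ">" fails in one pass instead of revisiting every split. If an application cannot change the gem, the Regexp.timeout wrapper is the cheapest stopgap, with an input length cap in front of sanitize_html as a second layer.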
The last commit to the repository was made on 2019-03-28 and the last version, v4.3.2, was released on 2016-05-24. The project is no longer maintained, so no upstream fix should be expected; applications that still pass user input through RedCloth with sanitize_html should cap the length of that input or, on Ruby 3.2 and later, set Regexp.timeout so that a pathological match raises Regexp::TimeoutError instead of hanging the process.