CVE-2022-23517

2022-12-1417:15:10

CWE-1333

GitHub_M

web.nvd.nist.gov

134

rails-html-sanitizer

html sanitization

vulnerability

cve-2022-23517

denial of service

nvd

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.1

Confidence

High

EPSS

0.001

Percentile

50.5%

JSON

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue has been patched in version 1.4.4.

Affected configurations

Nvd

Vulners

Node

rubyonrailsrails_html_sanitizersRange<1.4.4rails

Node

debiandebian_linuxMatch10.0

VendorProductVersionCPE
rubyonrailsrails_html_sanitizers*cpe:2.3:a:rubyonrails:rails_html_sanitizers:*:*:*:*:*:rails:*:*
debiandebian_linux10.0cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
rubyonrails	rails_html_sanitizers	*	cpe:2.3:a:rubyonrails:rails_html_sanitizers::::::rails::*
debian	debian_linux	10.0	cpe:2.3:o:debian:debian_linux:10.0:::::::*

CNA Affected

[
  {
    "vendor": "rails",
    "product": "rails-html-sanitizer",
    "versions": [
      {
        "version": "< 1.4.4",
        "status": "affected"
      }
    ]
  }
]