Описание
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| prototypejs | fixed | 1.7.3-1 | package | |
| prototypejs | no-dsa | bullseye | package | |
| prototypejs | no-dsa | buster | package | |
| prototypejs | no-dsa | stretch | package |
Примечания
https://github.com/prototypejs/prototype/blame/dee2f7d8611248abce81287e1be4156011953c90/src/prototype/lang/string.js#L283
https://github.com/yetingli/PoCs/blob/main/CVE-2020-27511/Prototype.md
CVE mentions newer version but vulnerable code exists in older versions too
https://sources.debian.org/src/prototypejs/1.7.1-3/prototype-1.7.1.js/#L617
Связанные уязвимости
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
An issue was discovered in the stripTags and unescapeHTML components in Prototype 1.7.3 version 1.6 and below where an attacker can cause a Regular Expression Denial of Service (ReDOS) through stripping crafted HTML tags.
Уязвимость компонентов stripTags и unescapeHTML фреймворка для работы с DOM и AJAX Prototype, позволяющая нарушителю вызвать отказ в обслуживании