Description
Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse the Host HTTP header (Hawk.utils.parseHost()), which was subject to a regular expression denial-of-service (ReDoS) attack: each character added to the attacker's input increases the computation time exponentially. parseHost() was patched in 9.0.1 to use the built-in URL class to parse the hostname instead. Hawk.authenticate() accepts an options argument; if it contains host and port, those are used instead of a call to utils.parseHost(), so the untrusted Host header never reaches the regular expression. This also serves as a workaround where upgrading is not possible.
A regular expression denial of service (ReDoS) flaw was found in Hawk's header parsing functionality. The issue arises from inadequate input validation in the Hawk.utils.parseHost() function when processing untrusted input with regular expressions. An attacker can send a specially crafted Host header to trigger the ReDoS.
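The following JavaScript is an added example, not Hawk's own code or its actual regular expression. It shows the two defences the description names: a Host header parser built on the built-in URL class rather than a regular expression, and an authenticate-style entry point that takes host and port from an options object so the header is never parsed at all. The names parseHost, resolveHost and CONSTRUCTED_REDOS_REGEX are assumptions of this example; the regex is a textbook nested-quantifier pattern included only to make the exponential growth measurable, and the Host values used are constructed.

```javascript
// Added example: regex-free Host header parsing plus an options-based bypass,
// in the spirit of the Hawk 9.0.1 fix described above. Not Hawk's code.

const DEFAULT_PORTS = { http: 80, https: 443 };

// Parse "host[:port]" (including bracketed IPv6) with the built-in URL class.
// Returns { name, port } or null when the value is not a bare host[:port].
function parseHost(hostHeader, scheme = 'http') {
  if (typeof hostHeader !== 'string' || hostHeader.trim() === '') {
    return null;
  }
  let url;
  try {
    // Wrapping the header in a URL lets the WHATWG parser validate host
    // code points and the numeric port without any backtracking regex.
    url = new URL(`${scheme}://${hostHeader.trim()}/`);
  } catch {
    return null; // invalid host characters, non-numeric or out-of-range port
  }
  // A Host header carries nothing but host and port. Anything that parsed as
  // userinfo, a path, a query or a fragment means the value was not one.
  if (url.username || url.password || url.pathname !== '/' || url.search || url.hash) {
    return null;
  }
  const port = url.port === '' ? DEFAULT_PORTS[scheme] : Number(url.port);
  if (port === undefined) {
    return null; // unknown scheme and no explicit port
  }
  return { name: url.hostname, port };
}

// Hypothetical mirror of the behaviour described for Hawk.authenticate():
// when the caller already knows host and port (e.g. from server config),
// take them from options and never touch the Host header at all.
function resolveHost(req, options = {}) {
  if (options.host && options.port) {
    return { name: options.host, port: Number(options.port) };
  }
  const scheme = options.scheme || 'http';
  return parseHost(req.headers && req.headers.host, scheme);
}

// Constructed nested-quantifier regex (not Hawk's) that backtracks
// exponentially on an almost-matching input: each extra 'a' roughly doubles
// the work done before the trailing '!' is finally rejected.
const CONSTRUCTED_REDOS_REGEX = /^(a+)+$/;

function backtrackMillis(n) {
  const almostMatch = 'a'.repeat(n) + '!';
  const start = Date.now();
  CONSTRUCTED_REDOS_REGEX.test(almostMatch);
  return Date.now() - start;
}

// The same growth in input length goes through parseHost in linear time.
function parseMillis(n) {
  const start = Date.now();
  parseHost('a'.repeat(n) + '.example:8080');
  return Date.now() - start;
}

for (const n of [12, 16, 20]) {
  console.log(`n=${n}: regex ${backtrackMillis(n)} ms, parseHost ${parseMillis(n)} ms`);
}
```

The rejection checks after the URL constructor matter: the Host header is an attacker-controlled string, and without them a value such as user@example.com or example.com/evil would parse "successfully" and yield a hostname that differs from what the caller expects the MAC to cover.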
Statement
This flaw is out of support scope and will not be addressed for the dotnet-5.0 product. Please see https://access.redhat.com/support/policy/updates/net-core for more information about dotnet support scope.
Affected packages
| Platform | Package | State | Advisory | Release |
|---|---|---|---|---|
| .NET Core 3.1 on Red Hat Enterprise Linux | rh-dotnet31-dotnet | Not affected | | |
| .NET Core 5.0 on Red Hat Enterprise Linux | rh-dotnet50-dotnet | Out of support scope | | |
| Red Hat Enterprise Linux 6 | firefox | Out of support scope | | |
| Red Hat Enterprise Linux 7 | firefox | Out of support scope | | |
| Red Hat Enterprise Linux 8 | dotnet3.1 | Not affected | | |
| Red Hat Enterprise Linux 8 | dotnet5.0 | Not affected | | |
| Red Hat Enterprise Linux 8 | firefox | Will not fix | | |
| Red Hat Enterprise Linux 8 | firefox:flatpak/firefox | Will not fix | | |
| Red Hat Enterprise Linux 8 | mozjs60 | Not affected | | |
| Red Hat Enterprise Linux 8 | thunderbird | Will not fix | | |
Additional information
CVSS3 base score: 7.5 (High)