CVE-2021-33580

Published: Aug 18, 2021

Modified: Aug 3, 2024

Status: PUBLISHED

Description

The user-controlled values `request.getHeader("Referer")`, `request.getRequestURL()` and `request.getQueryString()` are used to build and evaluate a regular expression. The attacker does not need a browser and can send a specially crafted Referer header programmatically. Because the attacker controls both the input string and the regex pattern, they can trigger a ReDoS through catastrophic regex backtracking on the server side. This problem has been fixed in Roller 6.0.2.

| Vendor | Product | Status | Versions |
| --- | --- | --- | --- |
| Apache Software Foundation | Apache Roller | affected | < 6.0.2 |

Weaknesses (CWE)
