CVE-2021-43805

Published: Dec 7, 2021

Modified: Aug 4, 2024

PUBLISHED

CVSS v3.1

7.5

HIGH

Description

Solidus is a free, open-source ecommerce platform built on Rails. Versions of Solidus prior to 3.1.4, 3.0.4, and 2.11.13 have a denial of service vulnerability that could be exploited during a guest checkout. The regular expression used to validate a guest order's email was subject to exponential backtracking through a fragment like `a.a.` Versions 3.1.4, 3.0.4, and 2.11.13 have been patched to use a different regular expression. The maintainers added a check for email addresses that are no longer valid that will print information about any affected orders that exist. If a prompt upgrade is not an option, a workaround is available. It is possible to edit the file `config/application.rb` manually (with code provided by the maintainers in the GitHub Security Advisory) to check email validity.

Vendor	Product	Versions
solidusio	solidus	affected `>= 3.1.0, < 3.1.4` affected `>= 3.0.0, < 3.0.4` affected `< 2.11.13`

Weaknesses (CWE)

CWE-1333

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

References

https://github.com/solidusio/solidus/security/advisories/GHSA-qxmr-qxh6-2cc9

x_refsource_CONFIRM

https://github.com/solidusio/solidus/commit/9867153e01e3c3b898cdbcedd7b43375ea922401

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-43805

Description

Affected Products

Weaknesses (CWE)

CVSS v3.1 Details

References