
RUSTSEC-2019-0001

Uncontrolled recursion leads to abort in HTML serialization

Reported
Issued
Package: ammonia (crates.io)
Type: Vulnerability
Keywords: #stack-overflow #crash
Aliases
Details: https://github.com/rust-ammonia/ammonia/blob/master/CHANGELOG.md#210
CVSS Score: 7.5 HIGH
CVSS Details
  • Attack vector: Network
  • Attack complexity: Low
  • Privileges required: None
  • User interaction: None
  • Scope: Unchanged
  • Confidentiality: None
  • Integrity: None
  • Availability: High
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Patched
  • >=2.1.0
Affected Functions (affected versions)
  • ammonia::Document::to_string: <2.1.0
  • ammonia::Document::write_to: <2.1.0
  • ammonia::clean: <2.1.0

Description

Affected versions of this crate used recursion to serialize HTML DOM trees.

This allows an attacker to cause an abort due to stack overflow by providing a pathologically nested input: every nesting level consumes one stack frame, so the depth of the recursion is controlled by the untrusted document.

The flaw was corrected by serializing the DOM tree iteratively instead, so that nesting depth consumes heap memory rather than stack.
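The following is an added example illustrating the defect class and the fix described above; it is not ammonia's code and uses a deliberately minimal DOM model (a `Node` enum with elements and text) in place of the crate's real `Document` type. It places the recursive serializer (the pattern the affected versions used) beside an iterative one that keeps an explicit work stack on the heap, adds an iterative `depth` pre-check that a caller could use to enforce a nesting limit, and gives the tree an iterative `Drop` so that freeing a deep tree does not recurse either. The 100,000-level input in `main` is constructed for the demonstration.

```rust
// Minimal DOM model (assumption for this example; not ammonia's real types).
pub enum Node {
    Element { name: String, children: Vec<Node> },
    Text(String),
}

// Dropping a deeply nested tree would also recurse once per level, so the
// tree is torn down with an explicit worklist instead.
impl Drop for Node {
    fn drop(&mut self) {
        let mut work: Vec<Node> = Vec::new();
        if let Node::Element { children, .. } = self {
            work.append(children);
        }
        while let Some(mut n) = work.pop() {
            if let Node::Element { children, .. } = &mut n {
                work.append(children);
            }
            // `n` is dropped here with an empty child list, so no recursion.
        }
    }
}

fn escape(text: &str) -> String {
    let mut s = String::with_capacity(text.len());
    for ch in text.chars() {
        match ch {
            '&' => s.push_str("&amp;"),
            '<' => s.push_str("&lt;"),
            '>' => s.push_str("&gt;"),
            c => s.push(c),
        }
    }
    s
}

// The vulnerable pattern: one native stack frame per nesting level, with the
// depth chosen by whoever supplied the document.
pub fn serialize_recursive(node: &Node, out: &mut String) {
    match node {
        Node::Text(t) => out.push_str(&escape(t)),
        Node::Element { name, children } => {
            out.push('<'); out.push_str(name); out.push('>');
            for child in children {
                serialize_recursive(child, out);
            }
            out.push_str("</"); out.push_str(name); out.push('>');
        }
    }
}

enum Work<'a> {
    Visit(&'a Node),
    CloseTag(&'a str),
}

// The fixed pattern: the same traversal order, but pending work lives in a
// heap-allocated Vec, so nesting depth costs memory rather than stack.
pub fn serialize_iterative(root: &Node) -> String {
    let mut out = String::new();
    let mut stack: Vec<Work> = vec![Work::Visit(root)];
    while let Some(item) = stack.pop() {
        match item {
            Work::Visit(Node::Text(t)) => out.push_str(&escape(t)),
            Work::Visit(Node::Element { name, children }) => {
                out.push('<'); out.push_str(name); out.push('>');
                // Close tag is emitted after all children; push it first so it
                // pops last, then push children in reverse to keep document order.
                stack.push(Work::CloseTag(name.as_str()));
                for child in children.iter().rev() {
                    stack.push(Work::Visit(child));
                }
            }
            Work::CloseTag(name) => {
                out.push_str("</"); out.push_str(name); out.push('>');
            }
        }
    }
    out
}

// Iterative depth measurement, usable as a pre-check against a nesting limit.
pub fn depth(root: &Node) -> usize {
    let mut max = 0;
    let mut stack = vec![(root, 0usize)];
    while let Some((n, d)) = stack.pop() {
        if let Node::Element { children, .. } = n {
            max = max.max(d + 1);
            for child in children {
                stack.push((child, d + 1));
            }
        }
    }
    max
}

// Builds `depth` nested <div> elements around a text node, without recursion.
pub fn nested(depth: usize) -> Node {
    let mut node = Node::Text("x".to_string());
    for _ in 0..depth {
        node = Node::Element { name: "div".to_string(), children: vec![node] };
    }
    node
}

fn main() {
    let shallow = nested(3);
    let mut out = String::new();
    serialize_recursive(&shallow, &mut out);
    println!("recursive (shallow only): {out}");
    let deep = nested(100_000);
    println!("iterative handled depth {} ({} bytes)", depth(&deep), serialize_iterative(&deep).len());
}
```

The recursive serializer is only ever run on the three-level tree here; on the 100,000-level tree it would exhaust the stack and abort the process, which is exactly the failure the advisory describes, whereas the iterative version produces the 1.1 MB output on the heap. Note that the parser and the drop glue are just as exposed as the serializer: any recursive walk over attacker-shaped trees has the same bound, so the depth check is worth applying at the trust boundary rather than in one function.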