Closed dwisiswant0 closed 2 years ago
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).
CVE ID: CVE-2021-44686
Vulnerable code: https://github.com/kovidgoyal/calibre/blob/39a22268b930f0d0cf51a42b556982da5f3dbf4d/src/calibre/ebooks/conversion/preprocess.py#L383
To see that the regular expression is vulnerable, copy-paste it into a separate file & run the code as shown below.
import re reg = re.compile(r'<head[^>]*>\n*(.*?)\n*</head>', re.IGNORECASE|re.DOTALL) reg.match('<head>' + '\n' * 1337)
This issue may lead to a denial of service.
CVE requested.
dwisiswant0
commented
2 years ago dwisiswant0
commented
2 years ago
Description
calibre before 5.32.0 contains a regular expression that is vulnerable to ReDoS (Regular Expression Denial of Service).
CVE ID: CVE-2021-44686
Proof of Concept
Vulnerable code: https://github.com/kovidgoyal/calibre/blob/39a22268b930f0d0cf51a42b556982da5f3dbf4d/src/calibre/ebooks/conversion/preprocess.py#L383
To see that the regular expression is vulnerable, copy-paste it into a separate file & run the code as shown below.
Impact
This issue may lead to a denial of service.
References