PT-2019-14258 · Rust · Ammonia
Published 2019-04-27 · Updated 2021-08-25 · CVE-2019-15542
CVSS v3.1: 7.5 (High)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
ammonia crate versions prior to 2.1.0
Description
An issue was discovered in the ammonia crate where uncontrolled recursion occurs during HTML DOM tree serialization. This allows an attacker to cause an abort due to stack overflow by providing a pathologically nested input. The issue arises from the use of recursion for serialization of HTML DOM trees.
Recommendations
For ammonia crate versions prior to 2.1.0, update to version 2.1.0 or later, which serializes the DOM tree iteratively instead of using recursion.
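The difference between the two traversal strategies, as an added Rust example that is not ammonia's code: `Node`, `Dom`, `nested` and both serializer functions are hypothetical names on a minimal arena DOM, and text escaping is omitted to keep the focus on call depth.

```rust
// Added illustration: a hypothetical arena DOM, not ammonia's or html5ever's types.
enum Node {
    Text(String),
    Element { tag: &'static str, children: Vec<usize> }, // indices into Dom.nodes
}
struct Dom { nodes: Vec<Node>, root: usize }
// Constructed input: `depth` nested <div> elements around one text node.
fn nested(depth: usize) -> Dom {
    let mut nodes = vec![Node::Text("x".to_string())];
    for i in 0..depth { nodes.push(Node::Element { tag: "div", children: vec![i] }); }
    Dom { root: nodes.len() - 1, nodes }
}

// Recursive form: one call-stack frame per nesting level, so input controls stack use.
fn serialize_recursive(dom: &Dom, id: usize, out: &mut String) {
    match &dom.nodes[id] {
        Node::Text(t) => out.push_str(t),
        Node::Element { tag, children } => {
            out.push_str(&format!("<{}>", tag));
            for &c in children { serialize_recursive(dom, c, out); }
            out.push_str(&format!("</{}>", tag));
        }
    }
}

// Iterative form: pending work sits in a heap Vec, so call depth stays constant.
enum Op { Open(usize), Close(&'static str) }
fn serialize_iterative(dom: &Dom) -> String {
    let mut out = String::new();
    let mut work = vec![Op::Open(dom.root)];
    while let Some(op) = work.pop() {
        match op {
            Op::Close(tag) => out.push_str(&format!("</{}>", tag)),
            Op::Open(id) => match &dom.nodes[id] {
                Node::Text(t) => out.push_str(t),
                Node::Element { tag, children } => {
                    out.push_str(&format!("<{}>", tag));
                    work.push(Op::Close(*tag));
                    // Reverse so the first child is popped (and written) first.
                    work.extend(children.iter().rev().map(|&c| Op::Open(c)));
                }
            },
        }
    }
    out
}

fn main() {
    println!("{} bytes", serialize_iterative(&nested(1_000_000)).len()); // constructed depth
}
```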
Fix
Uncontrolled Recursion
Weakness Enumeration
Related Identifiers
Affected Products
Ammonia