HandlebarsJS 4.x < 4.5.5 Regular Expression Denial Of Service

high Web App Scanning Plugin ID 114094

Language:

Synopsis

HandlebarsJS 4.x < 4.5.5 Regular Expression Denial Of Service

Description

According to its self-reported version number, HandlebarsJS on the remote server is 4.x prior to 4.5.5. Therefore, it may be affected by a Regular Expression Denial Of Service (ReDoS) vulnerability because of eager matching. The Parser may e forced into a endless loop while processing crafted templates, potentially permitting attackers to exhaust system resources.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

Solution

Upgrade to HandlebarsJS version 4.5.5 or later.

See Also

https://github.com/handlebars-lang/handlebars.js/commit/8d5530ee2c3ea9f0aee3fde310b9f36887d00b8b

Plugin Details

Severity: High

ID: 114094

Type: remote

Family: Component Vulnerability

Published: 10/24/2023

Updated: 10/25/2023

Scan Template: api, basic, full, pci, scan

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: High

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS Score Source: CVE-2019-20922

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS Score Source: CVE-2019-20922

Vulnerability Information

CPE: cpe:2.3:a:handlebarsjs:handlebars:-:*:*:*:*:*:*:*

Exploit Ease: No known exploits are available

Patch Publication Date: 10/20/2019

Vulnerability Publication Date: 9/30/2020

Reference Information

CVE: CVE-2019-20922

CWE: 400

OWASP: 2013-A9, 2017-A9, 2021-A6

WASC: Denial of Service

CAPEC: 147, 197, 492

DISA STIG: APSC-DV-002400, APSC-DV-002630

HIPAA: 164.306(a)(1), 164.306(a)(2)

ISO: 27001-A.12.6.1, 27001-A.14.2.5

NIST: sp800_53-CM-6b, sp800_53-SC-5

OWASP API: 2019-API7, 2023-API8

OWASP ASVS: 4.0.2-14.2.1

PCI-DSS: 3.2-2.2, 3.2-6.2