
CVE-2021-43805: ReDos vulnerability on guest checkout email validation

CVSS 3.1 Score: 7.5

Basic Information

EPSS Score: 0.31625%
Published: 12/7/2021
Updated: 5/4/2023
KEV Status: No
Technology: Ruby

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| solidus_core | rubygems | < 2.11.13 | 2.11.13 |
| solidus_core | rubygems | >= 3.0.0, < 3.0.4 | 3.0.4 |
| solidus_core | rubygems | >= 3.1.0, < 3.1.4 | 3.1.4 |

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems directly from the EMAIL_REGEXP constant in Spree::EmailValidator, which used an inefficient regex pattern. The commit diff shows this regex was replaced with URI::MailTo::EMAIL_REGEXP to mitigate ReDoS. The reproduction example demonstrates how this specific regex caused exponential backtracking, and the CWE-1333 classification confirms it is an inefficient-regex issue. No other functions are implicated in the vulnerability description or patches.
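The following is an added example, not code from Solidus or from the patch, showing the shape of a guest-checkout email check built on the same constant the fix switched to, URI::MailTo::EMAIL_REGEXP from the Ruby standard library. That regex is anchored and has no nested quantifiers, so its matching cost grows linearly with input length. The length cap (MAX_EMAIL_LENGTH), the validate_guest_order helper and the timing helper are assumptions added here as defense in depth and as a regression check a maintainer could keep in a test suite; they are not part of the project.

```ruby
require 'uri'

# Added example, not Solidus code: the constant the fix adopted.
EMAIL_REGEXP = URI::MailTo::EMAIL_REGEXP

# Assumption: 254 characters is the practical upper bound for an address
# (RFC 5321 path length). Bounding input length before any regex runs caps
# the worst-case matching cost regardless of which pattern is in use.
MAX_EMAIL_LENGTH = 254

def valid_guest_email?(email)
  return false unless email.is_a?(String)
  return false if email.empty? || email.length > MAX_EMAIL_LENGTH
  EMAIL_REGEXP.match?(email)
end

# Hypothetical stand-in for the guest order validation step.
# Returns an array of error strings; empty means the order is acceptable.
def validate_guest_order(params)
  email = params[:email].to_s.strip
  valid_guest_email?(email) ? [] : ['email is invalid']
end

# Regression check: the validator must finish quickly on a long, dot-heavy
# local part. Returns the elapsed seconds so a test can assert a budget.
def validation_time(email)
  t0 = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  valid_guest_email?(email)
  Process.clock_gettime(Process::CLOCK_MONOTONIC) - t0
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample inputs: a normal address, a non-address, a long
  # dot-heavy address just under the cap, and one over the cap.
  samples = [
    'guest@example.com',
    'not-an-email',
    'a.' * 120 + '@example.com',
    'a.' * 130 + '@example.com'
  ]
  samples.each do |e|
    printf("%-30s len=%-4d valid=%-5s %.6fs\n",
           e[0, 30], e.length, valid_guest_email?(e), validation_time(e))
  end
end
```

The two long samples illustrate the layering: the 252-character address passes the cap and is matched by the linear-time regex, while the 272-character one is rejected on length alone and never reaches the regex.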


WAF Protection Rules

WAF Rule

### Impact

Denial of service vulnerability that could be exploited during a guest checkout. The regular expression used to validate a guest order's email was subject to exponential backtracking through a short repeated fragment of letters and dots. Before the patch, it …
