CVE-2023-31606 PoC — RedCloth Security Vulnerability

Associated Vulnerability
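Title: RedCloth Security Vulnerability (CVE-2023-31606)
Description: RedCloth is a Ruby library by individual developer Jason Garber, used to convert Textile to HTML. RedCloth version v4.0.0 contains a security vulnerability that stems from a regular expression denial of service (ReDoS) issue found in the sanitize_html function; an attacker can exploit it to cause a denial of service (DoS) with a carefully crafted payload.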
Readme
# CVE-2023-31606
## Vulnerability
A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of the [redcloth](https://github.com/jgarber/redcloth) gem >= v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) by supplying a crafted payload.

## What is ReDoS?
As per OWASP - The Regular expression Denial of Service (ReDoS) is a Denial of Service attack, that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression to enter these extreme situations and then hang for a very long time. For more information, refer to [OWASP ReDoS](https://owasp.org/www-community/attacks/Regular_expression_Denial_of_Service_-_ReDoS).

## Affected Product
- [Redcloth gem](https://github.com/jgarber/redcloth) >= 4.0.0

## Fixed Version
- Not fixed yet

## CVE ID
- CVE-2023-31606

## Vulnerability Type
- Regular Expression Denial of Service (ReDoS)

## Root Cause
- The sanitize_html function of [redcloth](https://github.com/jgarber/redcloth) uses the regex below to sanitize HTML tags.
```
/<(\/*)([A-Za-z]\w*)([^>]*?)(\s?\/?)>/
```
- This regex is matched against the user input passed to the sanitize_html function.
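
The following mitigation sketch is an added example, not code from RedCloth or from this repository. It takes the Root Cause pattern in its assumed upstream form, compares it with a variant whose possessive `\w*+` cannot give characters back to the overlapping `[^>]*?`, and wraps the scan in a size cap and a time budget. `HARDENED`, `MAX_BYTES`, `BUDGET_S`, `same_matches?` and `guarded_tag_names` are hypothetical names and values, and the sample strings are constructed.

```ruby
require "timeout"

# Pattern from the Root Cause section (assumed upstream form) and a variant
# whose possessive \w*+ never hands characters back to the overlapping [^>]*?.
# HARDENED is this example's suggestion, not a fix published by the project.
ORIGINAL = %r{<(/*)([A-Za-z]\w*)([^>]*?)(\s?/?)>}
HARDENED = %r{<(/*)([A-Za-z]\w*+)([^>]*?)(\s?/?)>}

MAX_BYTES = 64 * 1024 # hypothetical cap; size it to your largest legitimate document
BUDGET_S  = 1.0       # hypothetical time budget per document, in seconds

class InputRejected < StandardError; end

# Constructed benign samples: closing, self-closing and attribute-bearing tags,
# plus text that contains angle brackets but no tags.
SAMPLES = [
  'h1. Title <br /> text',
  '<a href="https://example.com/?q=1" title="x">link</a>',
  '<img src="a.png"/> and </ p > and <b>bold</b>',
  'no tags here, 1 < 2 and 3 > 2',
  '<code class="ruby">puts 1</code><unknown_tag attr=1>',
].freeze

# True when both patterns produce identical captures for every sample,
# i.e. the hardened pattern does not change what gets sanitized.
def same_matches?(samples = SAMPLES)
  samples.all? { |s| s.scan(ORIGINAL) == s.scan(HARDENED) }
end

# Size-capped, time-bounded scan; returns the lower-cased tag names found.
def guarded_tag_names(text, re: HARDENED)
  raise InputRejected, "input exceeds #{MAX_BYTES} bytes" if text.bytesize > MAX_BYTES
  Timeout.timeout(BUDGET_S) { text.scan(re).map { |m| m[1].downcase } }
rescue Timeout::Error
  raise InputRejected, "tag scan exceeded #{BUDGET_S}s"
end
```

The possessive variant only takes effect if the pattern inside the gem is patched; the size cap and time budget can wrap the application's call into RedCloth without touching the gem. On Ruby 3.2 and later, `Regexp.timeout=` enforces a budget inside the regex engine itself.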

## Impact
- An attacker can cause a Denial of Service (DoS) by supplying a crafted payload.

## CVSS
- [7.5 High](https://www.first.org/cvss/calculator/3.1#CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)


The last commit to the repository was made on 2019-03-28 and the last version v4.3.2 was released on 2016-05-24. The project is no longer maintained.


## References
- https://github.com/jgarber/redcloth/issues/73