| Severity |
|
| Remote |
|
| Type |
| - |
Unknown |
| + |
Denial of service |
|
| Description |
| + |
uBlock Origin before 1.36.2 supports an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality). |
|
| References |
| + |
https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc |
| + |
https://github.com/uBlockOrigin/uBlock-issues/issues/1649 |
| + |
https://github.com/gorhill/uBlock/commit/365b20e8cc27cd776ef3868b02ea739ba387356d |
|
| Notes |
|