CVE-2021-36773 - log back

CVE-2021-36773 edited at 18 Jul 2021 08:21:39
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Denial of service
Description
+ uBlock Origin before 1.36.2 supports an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality).
References
+ https://github.com/vtriolet/writings/blob/main/posts/2021/ublock_origin_and_umatrix_denial_of_service.adoc
+ https://github.com/uBlockOrigin/uBlock-issues/issues/1649
+ https://github.com/gorhill/uBlock/commit/365b20e8cc27cd776ef3868b02ea739ba387356d
Notes
CVE-2021-36773 created at 18 Jul 2021 08:19:22