Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() without complexity validation. An on-path attacker can inject specific patterns to cause catastrophic backtracking, resulting in denial of service on all browsing.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HSecurly
APPSecurly3.0.7
Powiązane podatności
Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filter...
Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js....
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauth...
Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via c...
Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iterati...