Denial of Service Vulnerability in SSRI 5.2.2-8.0.0

Denial of Service Vulnerability in SSRI 5.2.2-8.0.0

CVE-2021-27290 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

ssri 5.2.2-8.0.0, fixed in 8.0.1, processes SRIs using a regular expression which is vulnerable to a denial of service. Malicious SRIs could take an extremely long time to process, leading to denial of service. This issue only affects consumers using the strict option.

Learn more about our Web Application Penetration Testing UK.