ReDoS Vulnerability in Chat History Filtering via Regular Expression Injection
A ReDoS vulnerability was identified in the latest version of the chat history filtering function, which was patched in the subsequent release. The vulnerability allows an attacker to inject a malicious regular expression, causing significant delays in processing.
Available publicly on Jun 25 2024
Threat Overview
The vulnerability exists in the filter_history function, which filters chat history based on user-provided keywords. The function uses the re.search method without sanitizing the input keyword, allowing an attacker to inject a complex regular expression. This can lead to a Regular Expression Denial of Service (ReDoS) by causing excessive backtracking, significantly slowing down or even halting the system.
Attack Scenario
An attacker could exploit this vulnerability by submitting a specially crafted regular expression as the keyword in the chat history search. For example, using the regex A(B|C+)+D against a chat history entry named ACCCCCCCCCCCCCCCCCCCCCCCCCCCCCE would cause the system to take an excessively long time to process the request, leading to a denial of service.
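The flaw described above next to one hardened form, as an added example that is not the application's code or its actual patch. The function signatures, the list-of-names history and the MAX_KEYWORD_LEN limit are assumptions; only the filter_history name, the re.search call and the sample regex come from the advisory.

```python
import re
import time

MAX_KEYWORD_LEN = 64  # assumed limit; tune for the application


def filter_history_unsafe(history, keyword):
    """Pattern described in the advisory: the keyword is used as a regex."""
    return [name for name in history if re.search(keyword, name)]


def filter_history_safe(history, keyword):
    """Hardened form: bound the keyword length and match it literally."""
    if len(keyword) > MAX_KEYWORD_LEN:
        raise ValueError("keyword too long")
    # re.escape neutralises every metacharacter, so no backtracking
    # structure supplied by the user ever reaches the regex engine.
    pattern = re.compile(re.escape(keyword))
    return [name for name in history if pattern.search(name)]


def search_seconds(filter_fn, keyword, name):
    """Time one filter call against a single history entry."""
    start = time.perf_counter()
    filter_fn([name], keyword)
    return time.perf_counter() - start


# Constructed sample data; the keyword is the one quoted in the advisory.
HISTORY = ["ACCD", "release notes", "query A(B|C+)+D tuning"]
KEYWORD = "A(B|C+)+D"

if __name__ == "__main__":
    # Unsafe: the keyword is interpreted as a pattern and matches "ACCD".
    print(filter_history_unsafe(HISTORY, KEYWORD))
    # Safe: only the entry containing the literal text matches.
    print(filter_history_safe(HISTORY, KEYWORD))
    # Short entries keep this quick; each extra "C" roughly doubles
    # the time spent in the unsafe version, the safe one stays flat.
    for n in (10, 14, 18):
        entry = "A" + "C" * n + "E"
        print(n,
              round(search_seconds(filter_history_unsafe, KEYWORD, entry), 5),
              round(search_seconds(filter_history_safe, KEYWORD, entry), 5))
```

If regular-expression search is a required feature, literal escaping does not apply and the match has to be bounded another way, for example by a non-backtracking engine or an execution timeout.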
Who is affected
Users of the latest version of the chat application who utilize the chat history filtering feature are affected. This includes both individual users and organizations relying on the service for communication.