MooTools is a collection of JavaScript utilities for JavaScript developers. All known versions include a CSS selector parser that is vulnerable to Regular Expression Denial of Service (ReDoS). An attack requires that an attacker can inject a string into a CSS selector at runtime, which is quite common with e.g. jQuery CSS selectors. No patches are available for this issue.
References
Link | Resource |
---|---|
https://securitylab.github.com/advisories/GHSL-2020-345-redos-mootools/ | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-01-03T00:00:00
Updated: 2023-01-03T00:00:00
Reserved: 2021-05-12T00:00:00
Link: CVE-2021-32821
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-03T17:15:10.210
Modified: 2023-01-10T15:02:29.047
Link: CVE-2021-32821
JSON object: View
Redhat Information
No data.