| Details | |
|---|---|
| Alert ID | 40044 |
| Alert Type | Active |
| Status | beta |
| Risk | Medium |
| CWE | 776 |
| WASC | 44 |
| Technologies Targeted | All |
| Tags | CWE-776 OWASP_2021_A04 POLICY_API POLICY_QA_FULL POLICY_QA_STD WSTG-V42-BUSL-09 |
| More Info | Scan Rule Help |
## Summary

An exponential entity expansion, or "billion laughs", attack is a type of denial-of-service (DoS) attack. It targets parsers of markup languages such as XML or YAML that allow macro (entity) expansion: a small document declares nested entities that each reference the previous one several times, so the expanded output grows exponentially with the nesting depth.
## Solution

Defenses against this kind of attack include capping the memory allocated to an individual parser (if loss of the document is acceptable), or treating entities symbolically and expanding them lazily, only when (and to the extent that) their content is actually used. In practice, most applications never need documents to declare entities at all, so the simplest policy is to reject any document whose DTD declares one.
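The two defensive policies above, as an added example that is not part of the ZAP alert page and not ZAP's own scan-rule code. It uses only Python's standard-library `xml.parsers.expat` binding; the sample documents are constructed here and the second one is a deliberately tiny (two-level, three-way) instance of the expansion pattern so that it runs in negligible memory. `parse_rejecting_entities` implements the strict policy (refuse any entity declaration), and `parse_with_budget` implements the capping policy (allow entities but abort once the expanded character data exceeds a budget); both names are this example's own.

```python
"""Two defences against exponential entity expansion in XML, using only
the standard library's expat binding (no third-party parser required)."""
import xml.parsers.expat


class EntityDeclarationRejected(ValueError):
    """Raised when the document declares any entity in its DTD."""


class ExpansionBudgetExceeded(ValueError):
    """Raised when expanded character data exceeds the configured budget."""


# Constructed sample documents (not taken from the alert page).
SAFE_DOC = b'<?xml version="1.0"?><note><to>Alice</to><body>hello</body></note>'

# A deliberately tiny version of the expansion pattern: each level copies the
# previous one three times, so "&c;" expands to 3 * 3 = 9 copies of "x".
TINY_EXPANSION_DOC = b"""<?xml version="1.0"?>
<!DOCTYPE note [
  <!ENTITY a "x">
  <!ENTITY b "&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;">
]>
<note>&c;</note>"""


def parse_rejecting_entities(data: bytes) -> str:
    """Strict policy: refuse any entity declaration (internal or external).

    Returns the concatenated character data of the document on success.
    The declaration handler fires before any expansion happens, so a
    hostile document is rejected at the cost of reading only its DTD.
    """
    parser = xml.parsers.expat.ParserCreate()
    chunks = []

    def on_entity_decl(name, is_parameter, value, base, system_id, public_id, notation):
        # An exception raised inside an expat handler aborts Parse() and
        # propagates to the caller.
        raise EntityDeclarationRejected(f"entity declaration {name!r} is not allowed")

    parser.EntityDeclHandler = on_entity_decl
    parser.CharacterDataHandler = chunks.append
    parser.Parse(data, True)
    return "".join(chunks)


def parse_with_budget(data: bytes, max_chars: int) -> str:
    """Lenient policy: allow entities but cap the total expanded text size.

    Character data is delivered to the handler *after* entity expansion, so
    counting it measures the real output size, not the input size. Parsing
    stops as soon as the budget is exceeded, before the whole expansion is
    materialised in memory.
    """
    parser = xml.parsers.expat.ParserCreate()
    chunks = []
    total = 0

    def on_chars(text):
        nonlocal total
        total += len(text)
        if total > max_chars:
            raise ExpansionBudgetExceeded(
                f"expanded text exceeds the {max_chars}-character budget"
            )
        chunks.append(text)

    parser.CharacterDataHandler = on_chars
    parser.Parse(data, True)
    return "".join(chunks)


if __name__ == "__main__":
    print(parse_rejecting_entities(SAFE_DOC))          # Alicehello
    print(parse_with_budget(TINY_EXPANSION_DOC, 100))  # xxxxxxxxx
    for fn, args in ((parse_rejecting_entities, (TINY_EXPANSION_DOC,)),
                     (parse_with_budget, (TINY_EXPANSION_DOC, 5))):
        try:
            fn(*args)
        except (EntityDeclarationRejected, ExpansionBudgetExceeded) as exc:
            print(f"{fn.__name__}: rejected ({exc})")
```

The strict policy is the right default for application code that only ever consumes plain documents; the budget policy is for the rarer case where legitimate input does use entities and the application can tolerate losing an oversized document. Note that recent expat releases also carry their own amplification limit, but it only activates above a fixed output size, so an explicit application-level budget remains useful for tighter limits.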
## References
- https://en.wikipedia.org/wiki/Billion_laughs_attack
- https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing
- https://cwe.mitre.org/data/definitions/776.html