Details
Alert ID 40044
Alert Type Active
Status beta
Risk Medium
CWE 776
WASC 44
Technologies Targeted All
Tags CWE-776
OWASP_2021_A04
POLICY_API
POLICY_QA_FULL
POLICY_QA_STD
WSTG-V42-BUSL-09
More Info Scan Rule Help

Summary

An exponential entity expansion, or "billion laughs", attack is a denial-of-service (DoS) attack against parsers of markup languages such as XML or YAML that support macro-like expansion (XML internal entities, YAML anchors and aliases). A document of a few hundred bytes declares entities that reference each other in nested layers, so that a single reference in the body expands to gigabytes of data and exhausts the parser's memory or CPU.

Solution

Defenses against this kind of attack include disabling DTD or entity processing altogether where inline entities are not needed, capping the memory allocated to an individual parser if loss of the document is acceptable, or treating entities symbolically and expanding them lazily only when (and to the extent) their content is actually used.
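As an added illustration of both the payload described in the Summary and the "treat entities symbolically" defense in the Solution, the script below builds a classic billion-laughs document and then computes its expanded size from the DTD alone, without ever materialising the expansion. This is example code written for this page, not ZAP's ExponentialEntityExpansionScanRule; every function name is hypothetical and the sample documents are constructed inputs.

```python
import re

# Added example: a symbolic entity-size pre-check for XML documents.
# Not part of ZAP's scan rule; names are hypothetical.

ENTITY_DECL = re.compile(r'''<!ENTITY\s+([A-Za-z_][\w.\-]*)\s+(?:"([^"]*)"|'([^']*)')\s*>''')
ENTITY_REF = re.compile(r'&([A-Za-z_][\w.\-]*);')
DOCTYPE = re.compile(r'<!DOCTYPE[^\[>]*(?:\[[\s\S]*?\]\s*)?>')
# The five predefined entities each expand to a single character.
PREDEFINED = {"lt": 1, "gt": 1, "amp": 1, "quot": 1, "apos": 1}


def billion_laughs(levels: int = 10, fanout: int = 10) -> str:
    """Constructed payload in the classic shape: each level references the
    previous one `fanout` times, so the last entity expands to
    3 * fanout**(levels-1) bytes while the document itself stays under 1 KB."""
    decls = ['<!ENTITY lol "lol">']
    for i in range(1, levels):
        prev = "lol" if i == 1 else f"lol{i - 1}"
        refs = f"&{prev};" * fanout
        decls.append(f'<!ENTITY lol{i} "{refs}">')
    last = "lol" if levels == 1 else f"lol{levels - 1}"
    return ('<?xml version="1.0"?>\n<!DOCTYPE lolz [\n' + "\n".join(decls)
            + f'\n]>\n<lolz>&{last};</lolz>')


def parse_entities(xml: str) -> dict:
    """Collect general entity declarations from the internal DTD subset.
    External (SYSTEM/PUBLIC) and parameter entities are out of scope here."""
    m = DOCTYPE.search(xml)
    subset = m.group(0) if m else ""
    entities = {}
    for name, dq, sq in ENTITY_DECL.findall(subset):
        entities.setdefault(name, dq or sq)  # XML: the first declaration wins
    return entities


def expanded_size(text: str, entities: dict, memo=None, stack=None) -> int:
    """Length of `text` after every &ref; is substituted, computed symbolically.
    Each entity's size is memoised, so the 10-level payload costs about
    levels * fanout steps instead of building 10**9 copies of 'lol'."""
    memo = {} if memo is None else memo
    stack = set() if stack is None else stack
    total, pos = 0, 0
    for m in ENTITY_REF.finditer(text):
        total += m.start() - pos  # literal characters before the reference
        pos = m.end()
        name = m.group(1)
        if name in PREDEFINED:
            total += PREDEFINED[name]
        elif name in entities:
            if name not in memo:
                if name in stack:  # &a; -> &b; -> &a; is illegal XML
                    raise ValueError(f"recursive entity &{name};")
                stack.add(name)
                memo[name] = expanded_size(entities[name], entities, memo, stack)
                stack.discard(name)
            total += memo[name]
        else:
            raise ValueError(f"undefined entity &{name};")
    return total + (len(text) - pos)


def check_document(xml: str, max_bytes: int = 10 * 1024 * 1024):
    """Return (accepted, expanded_size) for the document body. A rejected
    document is never handed to a real parser, so nothing is allocated
    for the expansion."""
    entities = parse_entities(xml)
    body = DOCTYPE.sub("", xml, count=1)
    size = expanded_size(body, entities)
    return size <= max_bytes, size


if __name__ == "__main__":
    payload = billion_laughs()
    print(len(payload), "bytes on the wire")
    print(check_document(payload))  # -> (False, 3000000036): rejected without expanding
```

The pre-check walks the entity graph once, so the ten-level payload is rejected after roughly a hundred arithmetic steps rather than after three gigabytes of allocation. Where inline entities are not needed at all, the simpler defense is to disable DTD processing in the real parser (for example the defusedxml package in Python, or the `http://apache.org/xml/features/disallow-doctype-decl` feature on JAXP parsers); a symbolic budget like this one is for services that must accept internal entities but want to bound their cost before parsing.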

Other Info

References

Code

org/zaproxy/zap/extension/ascanrulesBeta/ExponentialEntityExpansionScanRule.java