Exponential Entity Expansion (Billion Laughs Attack)

Risk:
Medium

Type:
Active

CWE:
CWE-776

Summary: An exponential entity expansion, or “billion laughs” attack is a type of denial-of-service (DoS) attack. It is aimed at parsers of markup languages like XML or YAML that allow macro expansions.

Solution: Defenses against this kind of attack include capping the memory allocated in an individual parser if loss of the document is acceptable, or treating entities symbolically and expanding them lazily only when (and to the extent) their content is to be used.

References

https://en.wikipedia.org/wiki/Billion_laughs_attack

https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing

https://cwe.mitre.org/data/definitions/776.html

Free security scan for your website

Don't show website scan report rating on the leaderboard