multipart Library Denial-of-Service Vulnerability via Exponential Backtracking in Header Parsing
Vulnerability
A denial-of-service vulnerability has been identified in the multipart library for Python, specifically in versions prior to 1.2.2, 1.3.1, and 1.4.0-dev. The issue arises in the parse_options_header() function within multipart.py, where a regular expression with ambiguous alternation can lead to exponential backtracking. This behavior allows for denial-of-service attacks by causing significant slowdowns in web applications that use this library to parse request headers or multipart/form-data streams. The vulnerability can block request handling threads for several seconds per request.
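The pattern class described above, as an added illustration that is not the multipart library's own code: two constructed header-parameter regexes, one with overlapping alternation branches inside a repeat (every way of partitioning a long parameter name is retried once the expected `=` is missing) and one hardened to a single character class, plus a timing probe of the kind a project would add as a regression check. The patterns, `parse_options`, and `probe` are all hypothetical and assumed for this example.

```python
import re
import time

# CONSTRUCTED patterns, not the regex from multipart.py. Both accept the same
# parameter names ("name", "filename", "x1"), but the first can match a name in
# exponentially many ways: each branch of the alternation overlaps with the
# other, so when the trailing '=' never arrives the engine backtracks through
# every tiling of the name into 1- and 2-character pieces (Fibonacci growth).
AMBIGUOUS_PARAM = re.compile(
    r';\s*([a-z](?:[a-z0-9]|[a-z0-9][a-z0-9])*)=(?:"([^"]*)"|([^;"]*))')
# Hardened form: one character class under one quantifier, so there is exactly
# one way to consume the name and a failed match costs linear time.
LINEAR_PARAM = re.compile(
    r';\s*([a-z][a-z0-9]*)=(?:"([^"]*)"|([^;"]*))')


def parse_options(header, pattern):
    """Split 'form-data; name="f"; filename="a.txt"' into (value, params)."""
    head, _, rest = header.partition(';')
    params = {}
    for m in pattern.finditer(';' + rest):
        quoted, bare = m.group(2), m.group(3)
        params[m.group(1)] = quoted if quoted is not None else bare.strip()
    return head.strip(), params


def probe(pattern, n):
    """Seconds for one failing search: a parameter name of n letters, no '='."""
    tail = '; ' + 'a' * n          # constructed input; nothing after the name
    start = time.perf_counter()
    pattern.search(tail)
    return time.perf_counter() - start


def main():
    print(parse_options('form-data; name="file"; filename="a.txt"', LINEAR_PARAM))
    # Doubling-style check: a safe pattern stays flat, the ambiguous one climbs
    # by roughly the golden ratio per extra character.
    for n in (16, 18, 20, 22):
        print(f'n={n:2d}  ambiguous={probe(AMBIGUOUS_PARAM, n):.4f}s'
              f'  linear={probe(LINEAR_PARAM, n):.6f}s')


if __name__ == '__main__':
    main()
```

Keep `n` small when running the ambiguous pattern; its cost grows exponentially, which is exactly the behaviour the advisory describes.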
Impact
Exploitation of this vulnerability causes a substantial slowdown in request processing, effectively blocking handling threads for multiple seconds per request. This disruption can lead to degraded application performance and responsiveness.
Remediation
Users can upgrade to multipart versions 1.2.2, 1.3.1, or 1.4.0-dev to address this vulnerability.