Impact
"Push rules" can specify conditions under which they will match, including event_match, which matches event content against a pattern including wildcards.
Certain patterns can cause very poor performance in the matching engine, leading to a denial-of-service when processing moderate length events.
Patches
The issue is patched by 03318a7.
Workarounds
A potential workaround might be to prevent users from making custom push rules, by blocking such requests at a reverse-proxy.
For more information
If you have any questions or comments about this advisory, email us at [email protected].
Impact
"Push rules" can specify conditions under which they will match, including
event_match, which matches event content against a pattern including wildcards.Certain patterns can cause very poor performance in the matching engine, leading to a denial-of-service when processing moderate length events.
Patches
The issue is patched by 03318a7.
Workarounds
A potential workaround might be to prevent users from making custom push rules, by blocking such requests at a reverse-proxy.
For more information
If you have any questions or comments about this advisory, email us at [email protected].