6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.009 Low
EPSS
Percentile
82.9%
The vulnerability, reported by GoSecure Inc, allows Remote Code Execution, if you call expressions.compile(userControlledInput)
where userControlledInput
is text that comes from user input.
This time, the security of the package could be bypassed by using a more complex payload, using a .constructor.constructor
technique.
Users should upgrade to version 1.1.2 of angular-expressions
A temporary workaround might be either to :
OR
if (/^[|a-zA-Z.0-9 :"'+-?]+$/.test(userControlledInput)) {
var result = expressions.compile(userControlledInput);
}
else {
result = undefined;
}
Removal of angular-expression sandbox
If you have any questions or comments about this advisory:
The issue was reported by Maxime Nadeau from GoSecure, Inc.
CPE | Name | Operator | Version |
---|---|---|---|
angular-expressions | lt | 1.1.2 |
blog.angularjs.org/2016/09/angular-16-expression-sandbox-removal.html
github.com/advisories/GHSA-j6px-jwvv-vpwq
github.com/peerigon/angular-expressions/commit/07edb62902b1f6127b3dcc013da61c6316dd0bf1
github.com/peerigon/angular-expressions/security/advisories/GHSA-j6px-jwvv-vpwq
nvd.nist.gov/vuln/detail/CVE-2021-21277
www.npmjs.com/package/angular-expressions
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.009 Low
EPSS
Percentile
82.9%