1353 matches found
CVE-2023-26116
CVE-2023-26116 applies to AngularJS: versions of the angular package up to 1.2.21 are vulnerable to a Regular Expression Denial of Service via the angular.copy() function due to an insecure regex. Exploitation requires a large crafted input and can cause catastrophic backtracking, leading to deni...
CVE-2023-26116
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...
CVE-2023-26116
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...
CVE-2023-26116
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...
CVE-2023-26118
CVE-2023-26118 affects AngularJS (angular.js) via the URL validation function. The vulnerability arises from an insecure regular expression used in input[url], enabling a ReDoS with large crafted inputs and catastrophic backtracking. Public references confirm the issue in AngularJS versions arou...
CVE-2023-26118
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result ...
CVE-2023-26118
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result ...
CVE-2023-26118
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result ...
CVE-2023-26117
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...
CVE-2023-26117
CVE-2023-26117 affects angular.js: ReDoS via the $resource service caused by an insecure regular expression. Affected: angular.js versions starting at 1.0.0 (as cited). Potential impact is denial of service under large, crafted inputs due to catastrophic backtracking. Remediation details present ...
CVE-2023-26117
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...
CVE-2023-26117
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...
PT-2023-4757
Name of the Vulnerable Software and Affected Versions angular versions 1.0.0 and later Description The issue is related to the $resource service in angular, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service ReDoS when a large, carefully-crafted inp...
PT-2023-4755
Name of the Vulnerable Software and Affected Versions angular versions 1.2.21 and later Description The issue is related to the angular.copy utility function, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service ReDoS via a large carefully-crafted...
Angular 安全漏洞
Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. Angular has a security vulnerability that stems from the use of insecure regular expressions that are susceptible to Regular Expression Denial of Service...
Angular 安全漏洞
Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. Angular has a security vulnerability that stems from the use of insecure regular expressions that are susceptible to Regular Expression Denial of Service...
Angular 安全漏洞
Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. Angular has a security vulnerability that stems from the use of insecure regular expressions that are susceptible to Regular Expression Denial of Service...
PT-2023-4756
Name of the Vulnerable Software and Affected Versions angular versions 1.4.9 and later Description The issue is related to the usage of an insecure regular expression in the inputurl functionality of the angular package, which can lead to a Regular Expression Denial of Service ReDoS via the...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3075 more potentially affected by CVE-2023-26118 via angular (>=1.4.9 <=1.8.3)
angular NPM version =1.4.9, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26118 Source advisory: SNYK:JS-ANGULAR-3373046...
Regular Expression Denial of Service (ReDoS)
Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...