Lucene search
+L

7 matches found

Veracode
Veracode
added 2022/05/04 7:23 a.m.1798 views

Regular Expression Denial Of Service (ReDoS)

angular is vulnerable to regular expression denial of service. An attacker can crash the application by providing a very high value of custom locale rule through the posPre attribute in the parsePattern function of parser.js...

7.5CVSS3.9AI score0.04927EPSS
Exploits1References7Affected Software2
RedhatCVE
RedhatCVE
added 2022/05/02 12:58 p.m.52 views

CVE-2022-25844

A flaw was found in the Angular package. The angular package is vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value...

7.5CVSS2.6AI score0.04927EPSS
Exploits1References3
NVD
NVD
added 2022/05/01 4:15 p.m.17 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS0.04927EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2022/05/01 4:15 p.m.63 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04927EPSS
Exploits1References7
OSV
OSV
added 2022/05/01 4:15 p.m.20 views

UBUNTU-CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04927EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2022/05/01 3:25 p.m.58 views

CVE-2022-25844

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...

7.5CVSS6.7AI score0.04927EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2022/05/01 12:0 a.m.6 views

PT-2022-6868

Name of the Vulnerable Software and Affected Versions angular versions 1.7.0 and higher Description The issue is related to the use of a regular expression with inefficient computational complexity in the Angular application design environment and single-page application development platform. Thi...

7.8CVSS7AI score0.04927EPSS
Exploits1References40
Rows per page
Query Builder