Vulnerability — CVE-2023-26116

CVE-2023-26116

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2023-26116
Description:: Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
Last updated date:: 11/03/2023

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/05/2023
Reference url to background: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/05/2023
Reference url to background: https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/30/2023
Reference url to background: https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/30/2023
Reference url to background: https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/30/2023
Reference url to background: https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321