/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-3f6g-367x-w7rg

Published

Last updated

https://images.chainguard.dev/security/CGA-3f6g-367x-w7rg
Package

solr

RepositoryWolfi
Latest Update
Under investigation
Aliases
  • CVE-2022-25844
  • GHSA-m2h2-264f-f486

Severity

Unknown

Summary

angular vulnerable to regular expression denial of service (ReDoS)

Description

AngularJS lets users write client-side web applications. The package angular after 1.7.0 is vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value.

Note:

  1. This package has been deprecated and is no longer maintained.
  2. The vulnerable versions are 1.7.0 and higher.

References

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsPricingContact UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogEventsTrust CenterDocumentation