CGA-w87x-27xx-x97v

Published

Last updated

https://images.chainguard.dev/security/CGA-w87x-27xx-x97v

Package

solr

RepositoryWolfi

Latest Update

Under investigation

Aliases

CVE-2023-26116
GHSA-2vrf-hf26-jrp5

Severity

Unknown

Summary

angular vulnerable to regular expression denial of service via the angular.copy() utility

Description

All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.

References

https://nvd.nist.gov/vuln/detail/CVE-2023-26116
https://github.com/advisories/GHSA-2vrf-hf26-jrp5
https://github.com/angular/angular.js
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322
https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321
https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos

Updates

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

Safe Source for Open Source™

Media Kit Contact Us

Private Policy

CGA-w87x-27xx-x97v

Severity

Summary

Description

References

Updates

Products

Why Chainguard

Customers

Company

Resources