CVE-2023-26117
ADVISORY - githubSummary
All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
EPSS Score: 0.0027 (0.677)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Inefficient Regular Expression Complexity
ADVISORY - github
Inefficient Regular Expression Complexity
ADVISORY - gitlab
ADVISORY - redhat
Inefficient Regular Expression Complexity
NIST
CREATED
UPDATED
ADVISORY IDCVE-2023-26117
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-2qqx-w9hr-q5gx
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2023-26117
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2023-26117
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5.3mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2023-26117
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumintheWild
CREATED
UPDATED
ADVISORY IDCVE-2023-26117
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-