CVE-2023-26118
ADVISORY - githubSummary
All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
EPSS Score: 0.0027 (0.677)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Inefficient Regular Expression Complexity
ADVISORY - github
Inefficient Regular Expression Complexity
ADVISORY - gitlab
ADVISORY - redhat
Inefficient Regular Expression Complexity
NIST
CREATED
UPDATED
ADVISORY IDCVE-2023-26118
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumGitHub
CREATED
UPDATED
ADVISORY IDGHSA-qwqh-hm9m-p5hr
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumDebian
CREATED
UPDATED
ADVISORY IDCVE-2023-26118
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
Ubuntu
CREATED
UPDATED
ADVISORY IDCVE-2023-26118
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-
CVSS SCORE
5.3mediumRed Hat
CREATED
UPDATED
ADVISORY IDCVE-2023-26118
EXPLOITABILITY SCORE
3.9
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)
CVSS SCORE
5.3mediumintheWild
CREATED
UPDATED
ADVISORY IDCVE-2023-26118
EXPLOITABILITY SCORE
-
EXPLOITS FOUND
-
COMMON WEAKNESS ENUMERATION (CWE)-