Bug 1813309 (CVE-2019-10768)
Summary: | CVE-2019-10768 AngularJS: Prototype pollution in merge function could result in code injection | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Michael Kaplan <mkaplan> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | aileenc, alazarot, anpicker, anstephe, apevec, ataylor, bdettelb, bmontgom, chazlett, drieden, eglynn, emingora, eparis, erooth, etirelli, ggaughan, gmalinko, ibek, janstey, jburrell, jjoyce, jochrist, jokerman, jrokos, jross, jstastny, jwon, krathod, kverlaen, lcosic, lhh, mburns, mgarciac, mnovotny, nstielau, pjindal, rcernich, rguimara, rhos-maint, rrajasek, sponnaga, spower, surbania, tomckay, tzimanyi |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | angularjs 1.7.9 | Doc Type: | If docs needed, set a value |
Doc Text: |
A prototype pollution vulnerability was found in AngularJS. A remote attacker could abuse this flaw by providing malicious input to the merge() function by overriding or adding properties of the Object.prototype, allowing possible injection of code.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2021-10-28 01:29:47 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1958829, 1958830, 1958831, 1848734, 1848735, 2112524, 2112525, 2129242 | ||
Bug Blocks: | 1813366 |
Description
Michael Kaplan
2020-03-13 14:05:33 UTC
Statement: Whilst servicemesh-grafana, and grafana-container both include a vulnerable version of angular.js (v1.6.6) the impact is lowered due to Grafana not directly implementing the angular.merge function. This also affects Fedora, as far as I can tell. I issued a PR here: https://src.fedoraproject.org/rpms/python-XStatic-Angular/pull-request/1 This issue has been addressed in the following products: Red Hat OpenStack Platform 16.2 Via RHSA-2022:8849 https://access.redhat.com/errata/RHSA-2022:8849 This issue has been addressed in the following products: Red Hat OpenStack Platform 16.1 Via RHSA-2022:8866 https://access.redhat.com/errata/RHSA-2022:8866 This issue has been addressed in the following products: Red Hat OpenStack Platform 17.0 Via RHSA-2023:0274 https://access.redhat.com/errata/RHSA-2023:0274 |