Bug 2183109 (CVE-2023-26116)

Summary: CVE-2023-26116 angularjs: Regular Expression Denial of Service via angular.copy()
Product: [Other] Security Response
Reporter: Pedro Sampaio <psampaio>
Component: vulnerability
Assignee: Nobody <nobody>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
Keywords: Security
Target Milestone: ---
Target Release: ---
Hardware: All
OS: Linux
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in AngularJS, where it is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the angular.copy() utility function. By providing specially-crafted regex input, a remote attacker can cause a denial of service.
Story Points: ---
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---
CC: abobrov, aileenc, amctagga, aoconnor, asoldano, bbaranow, bdettelb, bmaxwell, bniver, boliveir, brian.stansberry, caswilli, cdewolf, chazlett, darran.lofthouse, dkreling, doconnor, dosoudil, drichtar, eglynn, erack, fjuma, flucifre, fmuellner, fzatlouk, gblomqui, gmalinko, gmeno, gotiwari, grafana-maint, istudens, ivassile, iweiss, janstey, jhorak, jjoyce, jkoops, jkurik, jschluet, jwendell, kaycoth, lchilton, lgao, lhh, lsvaty, mabashia, mbenjamin, mburns, mgarciac, mhackett, mosmerov, msochure, msvehla, mvyas, nathans, nwallace, pdelbell, pdrozd, peholase, pesilva, pgrist, pjindal, pmackay, pskopek, rcernich, rhos-maint, rmartinc, rowaters, rstancel, rstepani, sfeifer, smaestri, smcdonal, sostapov, spower, sthorger, stransky, teagle, tom.jenkinson, tpopela, twalsh, vereddy
Bug Depends On: 2207890, 2207891, 2208184, 2208185, 2208186, 2208187, 2208188, 2208190, 2208192, 2208193, 2211131, 2211132, 2211133, 2211134, 2211135, 2211136, 2211137, 2211138, 2211139, 2211140, 2211141, 2211142, 2211143, 2211144, 2211145
Bug Blocks: 2183111

Description Pedro Sampaio 2023-03-30 12:20:18 UTC
angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML's syntax to express your application's components clearly and succinctly. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible with a large, carefully crafted input, which can result in catastrophic backtracking.

References:

https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos
https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044

Comment 3 Avinash Hanwate 2023-05-18 08:46:46 UTC
Created firefox tracking bugs for this issue:

Affects: fedora-all [bug 2208184]

Created icecat tracking bugs for this issue:

Affects: fedora-all [bug 2208185]

Created mozjs102 tracking bugs for this issue:

Affects: fedora-all [bug 2208186]

Created mozjs78 tracking bugs for this issue:

Affects: fedora-all [bug 2208187]

Created qpid-dispatch tracking bugs for this issue:

Affects: openstack-rdo [bug 2208190]

Created thunderbird tracking bugs for this issue:

Affects: fedora-all [bug 2208188]