Bug 2263754 (CVE-2024-21490)

Summary: CVE-2024-21490 angular: Inefficient Regular Expression Complexity
Product: [Other] Security Response
Reporter: ybuenos
Component: vulnerability
Assignee: Product Security <prodsec-ir-bot>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
CC: abobrov, aileenc, asoldano, bbaranow, bbuckingham, bcourt, bdettelb, bmaxwell, boliveir, brian.stansberry, caswilli, cdewolf, chazlett, darran.lofthouse, dkreling, doconnor, dosoudil, dpalmer, drichtar, eglynn, ehelms, erack, fjuma, ggainey, gmalinko, gotiwari, hkataria, istudens, ivassile, iweiss, janstey, jcantril, jhorak, jjoyce, jkoops, jschluet, jsherril, juwatts, kaycoth, kshier, lchilton, lgao, lhh, lsvaty, lzap, mburns, mgarciac, mhulan, mosmerov, msochure, mstefank, msvehla, mulliken, mvyas, nmoumoul, nwallace, orabin, pcreech, pdelbell, pdrozd, peholase, pesilva, pgrist, pjindal, pmackay, pskopek, rchan, rhos-maint, rmartinc, rojacob, rowaters, rstancel, rstepani, sfeifer, sipoyare, smaestri, smallamp, sthorger, teagle, tom.jenkinson, tpopela
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Whiteboard:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
An Inefficient Regular Expression Complexity vulnerability was found in NodeJS Angular. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking, leading to denial of service.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2263755, 2263756, 2263757, 2263758, 2263759
Bug Blocks: 2263760

Description ybuenos 2024-02-11 16:25:17 UTC
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. 


**Note:**

This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).

https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113
https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos
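The description above says the weakness is a backtracking regular expression used to split an ng-srcset value. The mitigation pattern for that class of bug is to replace the regex with a single-pass scanner whose work is bounded by input length no matter what the input contains. The following is an added example written for this page; it is not AngularJS project code, does not reproduce the vulnerable pattern, and the function names parseSrcset and measure are this example's own. It loosely follows the structure of the HTML "parse a srcset attribute" algorithm: candidates are separated by commas, a URL runs until whitespace, trailing commas on a URL are separators that end the candidate, and descriptors are whatever follows the URL up to the next comma.

```javascript
// Added example (not AngularJS code): a linear-time srcset splitter that walks
// the string once with index arithmetic instead of a regex that can backtrack.

function isSpace(ch) {
  return ch === ' ' || ch === '\t' || ch === '\n' || ch === '\r' || ch === '\f';
}

// Returns an array of { url, descriptor } candidates. Every loop below only
// advances the index, so total work is proportional to srcset.length.
function parseSrcset(srcset) {
  const out = [];
  const n = srcset.length;
  let i = 0;
  while (i < n) {
    // Skip whitespace and commas between candidates.
    while (i < n && (isSpace(srcset[i]) || srcset[i] === ',')) i++;
    if (i >= n) break;

    // The URL is a run of non-whitespace characters.
    const urlStart = i;
    while (i < n && !isSpace(srcset[i])) i++;
    let url = srcset.slice(urlStart, i);

    // Trailing commas belong to the separator, not the URL, and they mean
    // the candidate has no descriptor. The URL cannot become empty here
    // because the skip loop guarantees it starts with a non-comma character.
    let endedByComma = false;
    while (url.endsWith(',')) {
      url = url.slice(0, -1);
      endedByComma = true;
    }

    let descriptor = '';
    if (!endedByComma) {
      // Descriptor text runs up to the next comma (or end of input).
      const descStart = i;
      while (i < n && srcset[i] !== ',') i++;
      descriptor = srcset.slice(descStart, i).trim();
    }
    out.push({ url, descriptor });
  }
  return out;
}

// Wall-clock check that parse time stays small on a large constructed input.
// Returns elapsed milliseconds.
function measure(srcset) {
  const t0 = Date.now();
  parseSrcset(srcset);
  return Date.now() - t0;
}

// Constructed sample values for a stand-alone run.
const sample = 'small.jpg 320w, medium.jpg 640w,large.jpg 2x';
console.log(parseSrcset(sample));
const bigInput = 'x.jpg 1x, '.repeat(100000); // ~1 MB, constructed
console.log('parsed 1 MB input in', measure(bigInput), 'ms');
```

The useful property to verify when reviewing a fix of this kind is not the output on a handful of well-formed values but the absence of any input that makes the splitter's running time grow faster than its length; a scanner with no backtracking gives that by construction, and the timing helper makes it easy to confirm on large generated inputs.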

Comment 1 ybuenos 2024-02-11 16:32:20 UTC
Created qpid-dispatch tracking bugs for this issue:

Affects: openstack-rdo [bug 2263757]