Bug 2183110 (CVE-2023-26118) - CVE-2023-26118 angularjs: Regular Expression Denial of Service via the <input type="url"> element
Summary: CVE-2023-26118 angularjs: Regular Expression Denial of Service via the <input...
Keywords:
Status: NEW
Alias: CVE-2023-26118
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2207892 2207893 2208194 2208195 2208196 2208197 2208198 2208199 2208200 2208201 2211108 2211110 2211111 2211113 2211114 2211115 2211117 2211118 2211120 2211121 2211123 2211124 2211125 2211126 2211127
Blocks: 2183111
TreeView+ depends on / blocked
 
Reported: 2023-03-30 12:21 UTC by Pedro Sampaio
Modified: 2024-03-29 03:35 UTC (History)
69 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in AngularJS, where it is vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw in the input[url] functionality. By providing specially-crafted regex input, a remote attacker can cause a denial of service.
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description Pedro Sampaio 2023-03-30 12:21:51 UTC
All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.

References:

https://stackblitz.com/edit/angularjs-vulnerability-inpur-url-validation-redos
https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046

Comment 3 Avinash Hanwate 2023-05-18 08:50:32 UTC
Created firefox tracking bugs for this issue:

Affects: fedora-all [bug 2208194]


Created icecat tracking bugs for this issue:

Affects: fedora-all [bug 2208195]


Created mozjs102 tracking bugs for this issue:

Affects: fedora-all [bug 2208196]


Created mozjs78 tracking bugs for this issue:

Affects: fedora-all [bug 2208197]


Created qpid-dispatch tracking bugs for this issue:

Affects: openstack-rdo [bug 2208199]


Created thunderbird tracking bugs for this issue:

Affects: fedora-all [bug 2208198]

Comment 7 Tomas Popela 2023-05-30 14:52:53 UTC
@mrehak please don't open any bugs for RHEL 8 Firefox and Thunderbird Flatpaks as these were obsoleted by their RHEL 9 version at the time of RHEL 8.7.0 GA. I was assured several times that the templates/scripts that Product Security is using will be/were adapted, but still bugs are opened for these.


Note You need to log in before you can comment on or make changes to this bug.