By clicking "Accept", you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.

View all Vulnerabilities

CVE-2022-25844

ReDoS Vulnerability

Affects

AngularJS

>=1.7.0

AngularJS

Patch Available

This Vulnerability has been fixed in the Never-Ending Support (NES) version offered by HeroDevs

View NES Solution

Overview

AngularJS is a JavaScript framework for developing dynamic web applications. It lets you use HTML as your template language and lets you extend HTML's syntax to express your application's components clearly and succinctly.

‍

A Regular expression Denial of Service (ReDoS) vulnerability (CVE-2022-25844) has been identified in AngularJS, which could allow attackers to provide a large, carefully-crafted input that causes a Denial of Service of the application.

‍

Per OWASP: The Regular expression Denial of Service (ReDoS) is a Denial of Service attack that exploits the fact that most Regular Expression implementations may reach extreme situations that cause them to work very slowly (exponentially related to input size). An attacker can then cause a program using a Regular Expression (Regex) to enter these extreme situations and then hang for a very long time.

‍

This issue affects AngularJS versions 1.7.0 and greater.

‍

Details

Module Info

Product: AngularJS
Affected packages: angular
Affected versions: >=1.7.0
GitHub repository: https://github.com/angular/angular.js
Published packages: https://www.npmjs.com/package/angular
Package manager: npm
Fixed in: AngularJS NES v1.8.8

‍

Vulnerability Info

This Medium-severity vulnerability is found in the main angular package in AngularJS versions 1.7.0 and greater.

‍

AngularJS' localization utilities allow formatting numbers as currency values. If an application sets the current locale's NUMBER_FORMATS.PATTERNS[1].posPre value to a user-defined string, it can be abused to cause a Denial of Service of the appication.

‍

Steps to Reproduce

Create an AngularJS application and set the $locale's prePos value to a string consisting of many spaces:

angular .module('app', []) .run(['$locale', $locale => { $locale.NUMBER_FORMATS.PATTERNS[1].posPre = ' '.repeat(1000000); }]);

‍

Run the currency filter on a value with the empty string as the currency symbol. This can be done either in a template (with {{ 100 | currency : '' }}) or by calling the filter directly:

angular .module('app') .run(['currencyFilter', currencyFilter => { currencyFilter(100, ''); }]);

‍