Security
Headlines

Headlines Latest CVEs

Headline

GHSA-qwqh-hm9m-p5hr: angular vulnerable to regular expression denial of service via the <input type="url"> element

All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.

1 year ago

#vulnerability #dos #git

angular vulnerable to regular expression denial of service via the <input type="url"> element

Moderate severity GitHub Reviewed Published Mar 30, 2023 to the GitHub Advisory Database • Updated Apr 3, 2023

Related news

All versions of the package angular are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.

1 year ago

#vulnerability #dos

ghsa: Latest News

GHSA-8gc2-vq6m-rwjw: Amazon Redshift Python Connector vulnerable to SQL Injection

22 hours ago

GHSA-8596-2jgr-ppj7: Amazon Redshift JDBC Driver vulnerable to SQL Injection

22 hours ago

GHSA-xx95-62h6-h7v3: lgsl Stored Cross-Site Scripting vulnerability

22 hours ago

GHSA-x52f-h5g4-8qv5: Marp Core allows XSS by improper neutralization of HTML sanitization

1 day ago

GHSA-76h9-2vwh-w278: Apache MINA Deserialization RCE Vulnerability

2 days ago