{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-21490", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "state": "PUBLISHED", "assignerShortName": "snyk", "dateReserved": "2023-12-22T12:33:20.118Z", "datePublished": "2024-02-10T05:00:01.641Z", "dateUpdated": "2025-01-16T11:21:15.596Z"}, "containers": {"cna": {"metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "NETWORK", "attackComplexity": "LOW", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P"}}], "credits": [{"value": "George Kalpakas", "lang": "en"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-1333", "description": "Regular Expression Denial of Service (ReDoS)", "lang": "en"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2025-01-16T11:21:15.596Z"}, "descriptions": [{"value": "This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. \r\r\r**Note:**\r\rThis package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).", "lang": "en"}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113"}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746"}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747"}, {"url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"}], "affected": [{"product": "angular", "versions": [{"version": "1.3.0", "lessThan": "*", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "org.webjars.bower:angular", "versions": [{"version": "1.3.0", "lessThan": "*", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}, {"product": "org.webjars.npm:angular", "versions": [{"version": "1.3.0", "lessThan": "*", "status": "affected", "versionType": "semver"}], "vendor": "n/a"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21490", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-12T19:24:29.584548Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:20:52.142Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:20:40.902Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747", "tags": ["x_transferred"]}, {"url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos", "tags": ["x_transferred"]}, {"url": "https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746", "tags": ["x_transferred"]}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747", "tags": ["x_transferred"]}, {"url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos", "tags": ["x_transferred"]}, {"url": "https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T22:20:40.902Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-21490", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-12T19:24:29.584548Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:37.096Z"}}], "cna": {"credits": [{"lang": "en", "value": "George Kalpakas"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "exploitCodeMaturity": "PROOF_OF_CONCEPT", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "n/a", "product": "angular", "versions": [{"status": "affected", "version": "1.3.0", "lessThan": "*", "versionType": "semver"}]}, {"vendor": "n/a", "product": "org.webjars.bower:angular", "versions": [{"status": "affected", "version": "1.3.0", "lessThan": "*", "versionType": "semver"}]}, {"vendor": "n/a", "product": "org.webjars.npm:angular", "versions": [{"status": "affected", "version": "1.3.0", "lessThan": "*", "versionType": "semver"}]}], "references": [{"url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113"}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746"}, {"url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747"}, {"url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"}], "descriptions": [{"lang": "en", "value": "This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. \r\r\r**Note:**\r\rThis package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core)."}], "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-1333", "description": "Regular Expression Denial of Service (ReDoS)"}]}], "providerMetadata": {"orgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "shortName": "snyk", "dateUpdated": "2025-01-16T11:21:15.596Z"}}}, "cveMetadata": {"cveId": "CVE-2024-21490", "state": "PUBLISHED", "dateUpdated": "2025-01-16T11:21:15.596Z", "dateReserved": "2023-12-22T12:33:20.118Z", "assignerOrgId": "bae035ff-b466-4ff4-94d0-fc9efd9e1730", "datePublished": "2024-02-10T05:00:01.641Z", "assignerShortName": "snyk"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:angularjs:angular.js:*:*:*:*:*:*:*:*", "matchCriteriaId": "BAF43CA0-8F6F-4B34-AE11-85134A4E8491", "versionStartIncluding": "1.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. \r\r\r**Note:**\r\rThis package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core)."}, {"lang": "es", "value": "Esto afecta a las versiones del paquete angular desde 1.3.0. Una expresi\u00f3n regular utilizada para dividir el valor de la directiva ng-srcset es vulnerable a un tiempo de ejecuci\u00f3n superlineal debido al retroceso. Con una gran cantidad de informaci\u00f3n cuidadosamente elaborada, esto puede resultar en un retroceso catastr\u00f3fico y provocar una denegaci\u00f3n de servicio. **Nota:** Este paquete est\u00e1 en EOL y no recibir\u00e1 ninguna actualizaci\u00f3n para solucionar este problema. Los usuarios deben migrar a [@angular/core](https://www.npmjs.com/package/@angular/core)."}], "id": "CVE-2024-21490", "lastModified": "2025-01-16T12:15:25.320", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "report@snyk.io", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-10T05:15:08.650", "references": [{"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747"}, {"source": "report@snyk.io", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113"}, {"source": "report@snyk.io", "tags": ["Exploit", "Third Party Advisory"], "url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS"}], "sourceIdentifier": "report@snyk.io", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-1333"}], "source": "report@snyk.io", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-1333"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "angular: Inefficient Regular Expression Complexity", "id": "2263754", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2263754"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-1333", "details": ["This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. \n**Note:**\nThis package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).", "An Inefficient Regular Expression Complexity vulnerability was found in NodeJS Angular. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking, leading to denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-21490", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Not affected", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "mozjs60", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird:flatpak/thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox:flatpak/firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gjs", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "grafana", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "polkit", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird:flatpak/thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Will not fix", "package_name": "angular", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "angular", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "fix_state": "Not affected", "package_name": "angular", "product_name": "Red Hat JBoss Enterprise Application Platform 7"}, {"cpe": "cpe:/a:redhat:jbosseapxp", "fix_state": "Not affected", "package_name": "angular", "product_name": "Red Hat JBoss Enterprise Application Platform Expansion Pack"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "qpid-dispatch", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "qpid-dispatch", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Will not fix", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Affected", "package_name": "nodejs-angular", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Will not fix", "package_name": "angular", "product_name": "Red Hat Single Sign-On 7"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "grafana", "product_name": "Red Hat Storage 3"}], "public_date": "2024-02-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-21490\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-21490\nhttps://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113"], "statement": "The vulnerability in the Angular package, has been categorized as having a moderate severity rather than being labeled as important due to several factors. While the regular expression used for splitting the value of the ng-srcset directive is susceptible to super-linear runtime caused by backtracking, the practical exploitation of this vulnerability requires a large, carefully-crafted input. This input, which triggers catastrophic backtracking and potential denial of service, would not be easily achievable in typical use cases. Additionally, the affected package, Angular 1.3.0, is already designated as End of Life (EOL) and is not receiving updates, limiting its relevance to current development practices. \nRed Hat Enterprise Linux is not affected as its not shipping the vulnerable code.", "threat_severity": "Moderate"}