Pending AI Enrichment

This vulnerability was recently detected via the live feed and has not yet been processed by Precogs AI's context enrichment engine. The data below represents raw telemetric data.

RAW NVD TELEMETRY

CVE-2022-25844

CVSS Base Score

5.3 MEDIUM

Primary Weakness

CWE-1333

Published Date

May 1, 2022

Data Source

NVD API

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1) This package has been deprecated and is no longer maintained. 2) The vulnerable versions are 1.7.0 and higher.

Related Vulnerabilitiesvia CWE-1333

View all CWE-1333 vulnerabilities →

Explore Precogs Intelligence

●The Vulnerability Hub ●AI-Generated Code Exploits ●Enterprise Security Guides ●OWASP Top 10 Taxonomy