Описание
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing and also negatively affect the application's performance and behavior by using too large or slow-to-load images.
This issue affects all versions of AngularJS.
Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
A flaw was found in the angular package. Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS can allow attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing and negatively affect the application's performance and behavior by using too large or slow-to-load images.
Отчет
Within regulated environments, a combination of the following controls acts as a significant barrier to successful exploitation of a CWE-791: Incomplete Filtering of Special Elements vulnerability and, therefore, downgrades the severity of this particular CVE from Moderate to Low. Input undergoes strict validation to enforce expected formats and reject special characters that could affect control logic or system behavior. During development, static code analysis and peer reviews detect filtering issues early, reducing the risk of flawed input handling reaching production. Additionally, input-handling routines are subject to recurring verification against security requirements, and any deviations are flagged through automated quality gates and monitored runtime alerts, reducing the residual risk of exploitation.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/kibana6-rhel8 | Fix deferred | ||
| Red Hat Enterprise Linux 10 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 10 | gjs | Fix deferred | ||
| Red Hat Enterprise Linux 10 | grafana | Fix deferred | ||
| Red Hat Enterprise Linux 10 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 6 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 6 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 7 | firefox | Fix deferred | ||
| Red Hat Enterprise Linux 7 | thunderbird | Fix deferred | ||
| Red Hat Enterprise Linux 8 | firefox | Fix deferred |
Показывать по
Дополнительная информация
Статус:
EPSS
4.8 Medium
CVSS3
Связанные уязвимости
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing and also negatively affect the application's performance and behavior by using too large or slow-to-load images. This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing and also negatively affect the application's performance and behavior by using too large or slow-to-load images. This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Improper sanitization of the value of the 'href' and 'xlink:href' attr ...
Уязвимость JavaScript-фреймворка для разработки одностраничных приложений АngularJS, связанная с неполной фильтрацией специальных элементов, позволяющая нарушителю проводить межсайтовые сценарные атаки
EPSS
4.8 Medium
CVSS3