George Kalpakas

**Name of the Vulnerable Software and Affected Versions** Elliptic versions prior to 6.6.2 **Description** The ECDSA implementation within the Elliptic package produces incorrect signatures when an interim value of `k` (calculated according to step 3.2 of RFC 6979) contains leading zeros, making it susceptible to cryptanalysis and potentially exposing the secret key. This occurs because the byte-length of `k` is calculated incorrectly, leading to truncation during computation. This can disrupt legitimate transactions or communications. An attacker, under specific conditions, could derive the secret key by obtaining both a faulty signature generated by a vulnerable version of Elliptic and a correct signature for the same inputs. **Recommendations** Update to Elliptic version 6.6.2 or later.

Name of the Vulnerable Software and Affected Versions: AngularJS (affected versions not specified) Description: A regular expression used by the AngularJS linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking, potentially leading to a Regular expression Denial of Service (ReDoS) attack. The AngularJS project is End-of-Life and will not receive updates to address this issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AngularJS versions 1.3.1 and later **Description** The issue is related to improper sanitization of the `href` and `xlink:href` attributes in `<image>` SVG elements in the `ngSanitize` module. This allows attackers to bypass common image source restrictions, potentially leading to Content Spoofing and negatively affecting the application's performance and behavior by using large or slow-to-load images. **Recommendations** For AngularJS versions 1.3.1 and later, consider disabling the `ngSanitize` module or restricting the use of `<image>` SVG elements until a workaround can be implemented, noting that the AngularJS project is End-of-Life and will not receive updates to address this issue.

**Name of the Vulnerable Software and Affected Versions** AngularJS versions prior to the end of life, as no specific fixed version is mentioned and the project is End-of-Life. **Description** The issue is related to improper sanitization of the `href` and `xlink:href` attributes in `<image>` SVG elements, allowing attackers to bypass common image source restrictions. This can lead to Content Spoofing and negatively affect the application's performance and behavior by using too large or slow-to-load images. **Recommendations** For all affected versions of AngularJS, consider disabling the use of `<image>` SVG elements or restricting the `href` and `xlink:href` attributes to mitigate the risk of exploitation, as the project is End-of-Life and will not receive any updates to address this issue.

Name of the Vulnerable Software and Affected Versions: AngularJS versions all Description: The issue is related to improper sanitization of the value of the `[srcset]` attribute in `<source>` HTML elements in AngularJS, allowing attackers to bypass common image source restrictions. This can also lead to a form of Content Spoofing. The AngularJS project is End-of-Life and will not receive any updates to address this issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: AngularJS versions 1.3.0-rc.4 and greater Description: The issue is due to improper sanitization of the value of the `[srcset]` attribute in AngularJS, allowing attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing. The AngularJS project is End-of-Life and will not receive any updates to address this issue. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** angular versions 1.3.0 and later **Description** A regular expression used to split the value of the `ng-srcset` directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Recommendations** For versions 1.3.0 and later, migrate to `@angular/core` as the package is EOL and will not receive any updates to address this issue. As a temporary workaround, consider restricting the use of the `ng-srcset` directive until a patch is available.

**Name of the Vulnerable Software and Affected Versions** angular versions 1.2.21 and later **Description** The issue is related to the angular.copy() utility function, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service (ReDoS) via a large carefully-crafted input, resulting in catastrophic backtracking. Exploiting this issue is possible, allowing a remote attacker to cause a denial of service. **Recommendations** For versions 1.2.21 and later, consider disabling the `angular.copy()` function until a patch is available to prevent potential exploitation. Restricting the input to the `angular.copy()` function can also help minimize the risk of catastrophic backtracking. As a temporary workaround, avoid using large inputs that could trigger the insecure regular expression. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** angular versions 1.0.0 and later **Description** The issue is related to the $resource service in angular, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service (ReDoS) when a large, carefully-crafted input is provided, resulting in catastrophic backtracking. The vulnerability can be exploited by a remote attacker to cause a denial of service. **Recommendations** For angular versions 1.0.0 and later, consider disabling the $resource service until a patch is available to prevent potential exploitation. Restrict access to the $resource service to minimize the risk of denial of service attacks. Avoid using the $resource service with large, untrusted inputs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** angular versions 1.4.9 and later **Description** The issue is related to the usage of an insecure regular expression in the input[url] functionality of the angular package, which can lead to a Regular Expression Denial of Service (ReDoS) via the <input type="url"> element. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking. This can allow a remote attacker to cause a denial of service. **Recommendations** For angular versions 1.4.9 and later, consider disabling the input[url] functionality until a patch is available. Restrict access to the <input type="url"> element to minimize the risk of exploitation. Avoid using the input[url] functionality with large or untrusted inputs until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.