CVE-2025-4690

4.3 MEDIUM

📋 TL;DR

This CVE describes a Regular Expression Denial of Service (ReDoS) vulnerability in AngularJS's linky filter. Attackers can craft malicious input that causes super-linear runtime processing, potentially crashing or severely degrading application performance. All AngularJS versions are affected, and since AngularJS is End-of-Life, no official patches will be released.

💻 Affected Systems

Products:
  • AngularJS
Versions: All versions
Operating Systems: All platforms running AngularJS
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications that use the linky filter from the ngSanitize module. AngularJS is End-of-Life (EOL) and will not receive official updates.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case: Application becomes completely unresponsive, leading to service disruption and potential data loss if the system crashes.

🟠 Likely Case: Significant performance degradation causing slow response times and poor user experience.

🟢 If Mitigated: Minimal impact with proper input validation and rate limiting in place.

🌐 Internet-Facing: HIGH - Publicly accessible applications are directly exposed to crafted malicious inputs.
🏢 Internal Only: MEDIUM - Internal users could still exploit this, though attack surface is smaller.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available in provided references. Exploitation requires sending crafted input to applications using the vulnerable linky filter.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: N/A

Vendor Advisory: https://docs.angularjs.org/misc/version-support-status

Restart Required: No

Instructions:

No official patch available due to AngularJS EOL status. Consider migration to Angular (v2+) or implementing workarounds.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation to reject or sanitize inputs that could trigger the vulnerable regex pattern.

Replace linky Filter

all

Replace the vulnerable linky filter with a custom implementation using a safer regex pattern or different URL detection method.
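One way to implement the "different URL detection method" workaround, as an added example that is not AngularJS code or code from the advisory: it finds http/https URLs by whitespace tokenization and prefix checks, with no backtracking-prone pattern. The names `safeLinkify`, `MAX_INPUT` and the 10000-character cap are assumptions, and unlike linky it does not handle `mailto:` or bare `www.` links.

```javascript
// Added example: linear-time URL autolinking to use in place of linky.
// All names and limits here are assumptions, not part of AngularJS.
const MAX_INPUT = 10000;            // assumed cap; longer text is escaped, not linkified
const SCHEMES = ['http://', 'https://'];
const TRAILING = '.,;:!?)]}\'"';    // punctuation kept outside the link
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Single character class with no quantifier: one pass over the input.
function escapeHtml(s) {
  return s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Turn one whitespace-delimited token into an anchor if it starts with an allowed scheme.
function linkToken(token) {
  const lower = token.toLowerCase();
  const scheme = SCHEMES.find((p) => lower.startsWith(p));
  if (!scheme) return escapeHtml(token);
  let end = token.length;
  while (end > scheme.length && TRAILING.includes(token[end - 1])) end--;
  if (end === scheme.length) return escapeHtml(token); // scheme only, nothing to link
  const url = escapeHtml(token.slice(0, end));
  return '<a href="' + url + '">' + url + '</a>' + escapeHtml(token.slice(end));
}

function safeLinkify(text) {
  if (typeof text !== 'string') return '';
  if (text.length > MAX_INPUT) return escapeHtml(text); // bound the work per call
  // Split on whitespace runs; the capture group keeps the separators in the output.
  return text.split(/(\s+)/).map(linkToken).join('');
}

// Optional AngularJS registration (module and filter names are hypothetical).
if (typeof angular !== 'undefined') {
  angular.module('safeLinkify', []).filter('safeLinkify', () => safeLinkify);
}
```

The output is already HTML-escaped, so it is intended to be bound the same way linky output is, for example through `ng-bind-html`.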

🧯 If You Can't Patch

  • Implement Web Application Firewall (WAF) rules to block malicious patterns
  • Apply rate limiting to prevent repeated exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check whether the application uses AngularJS, and specifically the linky filter from the ngSanitize module.

Check Version:

Check the AngularJS version in the application's dependencies or package.json.

Verify Fix Applied:

Test with known malicious patterns from the references to ensure the application doesn't experience performance degradation.

📡 Detection & Monitoring

Log Indicators:

  • Unusually long processing times for URL parsing
  • Application crashes or restarts after receiving specific inputs

Network Indicators:

  • Large or complex text inputs being sent to endpoints using linky filter

SIEM Query:

Search for application logs showing high CPU usage or timeout errors correlated with specific user inputs
