CVE
CVE-2025-4690
| CVE ID |
CVE-2025-4690
|
|---|---|
| CVSS Score |
4.3
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
1.6.18
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
NVD Listing:- NVD - CVE-2025-4690
Bug Fixes
ngSanitize: Fixed a Regular Expression Denial of Service (ReDoS) vulnerability in the linky filter’s URL-matching regex. The previous pattern could exhibit super-linear runtime due to catastrophic backtracking, allowing malicious input to hang the application. The updated implementation uses a hardened regex that prevents backtracking while preserving correct URL and email detection.