angular
112 known vulnerabilities · 2 critical · 5 high
angular vulnerable to regular expression denial of service via the <input type="url"> element
angular vulnerable to super-linear runtime due to backtracking
AngularJS improperly sanitizes SVG elements
angular vulnerable to regular expression denial of service (ReDoS)
AngularJS allows attackers to bypass common image source restrictions
angular vulnerable to regular expression denial of service via the angular.copy() utility
AngularJS allows attackers to bypass common image source restrictions
angular vulnerable to regular expression denial of service via the $resource service
Malicious code in angular-dev-test (npm)
Malicious code in atomic-angular (npm)
Malicious code in angular-rs-loading (npm)
Malicious code in @antv/x6-angular-shape (npm)
Malicious code in ugentec-framework-angular (npm)
Malicious code in angular-identity-component (npm)
Malicious code in angular-adaptive-detection (npm)
Malicious code in payuangular (npm)
Malicious code in @aryanhussain/my-angular-lib (npm)
angular-ui-notification Cross-site Scripting vulnerability
Malicious code in angular-cloudinary-photo (npm)
Malicious code in itobuz-angular-button (npm)
Denial of Service and Content Injection in i18n-node-angular
Malicious code in angular-trackjs (npm)
Malicious code in cloudinary-sample-angular (npm)
Malicious code in angular-promql (npm)
Angular has XSS Vulnerability via Unsanitized SVG Script Attributes
angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend
Malicious code in angular-a11y-workshop (npm)
Angular Stored XSS Vulnerability via SVG Animation, SVG URL and MathML Attributes
angular-base64-upload vulnerable to unauthenticated remote code execution
Malicious code in dexter-angular-app (npm)
Malicious code in angular-link-diver (npm)
Malicious code in charting-library-angular5 (npm)
Malicious code in angularonlineauthclient (npm)
Malicious code in pingone-angular-sdk (npm)
Malicious code in nova-angular-project (npm)
Malicious code in angular-portal-dependencies (npm)
Malicious code in frontegg-angular (npm)
Angular Expressions - Remote Code Execution using filters
Malicious code in appauth-angular-app (npm)
Malicious code in epm-rdpt-angularjs (npm)
Path Traversal in angular-http-server
Malicious code in angular-tealium (npm)
Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR
Malicious code in angularanijmate (npm)
Malicious code in angularfire-seed (npm)
Angular: SSRF via protocol-relative and backslash URLs in Angular Platform-Server
Malicious code in traceviz-angular-trace (npm)
Malicious code in angular-monash (npm)
Malicious code in angular-directive-seed (npm)
Malicious code in collab-ui-angular (npm)
Malicious code in @gco-angular/apollo (npm)
@angular/common: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning
@angular/common: Denial of Service (DoS) via OOM in Date Formatting (formatDate)
@angular/compiler: Two-Way Property Binding Sanitization Bypass (XSS)
@angular/core: Angular Template and Dynamic Component Namespace Bypass leading to Cross-Site Scripting (XSS)
Malicious code in @devstack-angular/jdai (npm)
@angular/platform-server: Missing `<noscript>` Raw-Text Serialization Escaping leads to Cross-Site Scripting (XSS) in Angular SSR
@angular/platform-server: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
@angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)
Malicious code in traceviz-angular-core (npm)
@angular/common: Information Leak via Default Caching of Credentialed Requests in HttpTransferCache
@angular/service-worker: Sensitive Header Leakage on Cross-Origin Redirects in Angular Service Worker
Angular Client Hydration DOM Clobbering & Response-Cache Poisoning
Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
@angular/platform-server: URL Parser Differential leading to SSRF Allowlist Bypass
Malicious code in coralui-support-angular (npm)
Malicious code in accesso-angular-cache-buster (npm)
Malicious code in freekws-devportal-api-client-angular (npm)
Malicious code in flutter-angular-bridge (npm)
Malicious code in itobuz-angular (npm)
Malicious code in itobuz-angular-auth (npm)
Angular is Vulnerable to XSRF Token Leakage via Protocol-Relative URLs in Angular HTTP Client
Malicious code in @gco-angular/communication-facade (npm)
Malicious code in aem-angular-editable-components (npm)
Malicious code in simplemde-angular (npm)
Malicious code in @trackstar/test-angular-package (npm)
Malicious code in design-system-components-angular (npm)
Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Malicious code in angular-codemirror (npm)
Malicious code in angular-tz-extensions (npm)
Malicious code in @gco-angular/rxjs-utils (npm)
Angular SSR has Open Redirect and Request Steering via Encoded X-Forwarded-Prefix
Malicious code in angular-blockchain-wallet (npm)
Malicious code in @aonunited/angular (npm)
Angular Service Worker Policy-Bypass & Credential-Stripping Vulnerabilities
Malicious code in tdangularjs (npm)
Malicious code in bmw-angular-framework (npm)
@angular/platform-server: SSRF via Hostname Hijacking
Malicious code in @hornetsecurity/angular-search-box (npm)
Malicious code in nishant-ok-angularjs (npm)
Malicious code in pingone-angular-registration (npm)
Malicious code in piwik-pro-angular-tracking (npm)
@angular/service-worker: Request Credential & Cache Policy Stripping
Malicious code in sbb-angular (npm)
Angular: Template and Attribute Namespace Sanitization Bypass (XSS)
Malicious code in @atlas-angular/logger (npm)
Malicious code in visa-ui-angular (npm)
Malicious code in @trackstar/angular-trackstar-link (npm)