Security Bulletin: Vulnerabilities in Angular might affect IBM Storage Defender Copy Data Management.

Summary IBM Storage Defender Copy Data Management can be affected by vulnerabilities in Angular. Vulnerabilities include a large carefully-crafted input, which can result in catastrophic backtracking and Cross-site Scripting XSS due to insecure page caching in the Internet Explorer browser as...

Linux Distros Unpatched Vulnerability : CVE-2025-59052

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container...

Security Bulletin: Multiple vulnerabilities found in IBM Security Verify Information Queue

Summary Multiple security vulnerabilities in the third-party libraries have been addressed in IBM Security Verify Information Queue ISIQ Vulnerability Details CVEID:CVE-2023-40167 DESCRIPTION: Jetty is a Java based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2025-0716 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2025-0716 Source advisory: OSV:GHSA-J58C-WW9W-PWP5...

Content Spoofing

angular is vulnerable to Content Spoofing. The vulnerability is caused by improper sanitization of the value of the srcset attribute. This allows attackers to bypass common image source restrictions, leading to a form of Content Spoofing...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3265 more potentially affected by CVE-2024-8372 via angular (>=1.3.11 <=1.8.3)

angular NPM version =1.3.11, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2024-8372 Source advisory: OSV:GHSA-M9GF-397R-HWPG...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2024-8373 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2024-8373 Source advisory: OSV:GHSA-MQM9-C95H-X2P6...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3265 more potentially affected by CVE-2024-21490 via angular (>=1.3.11 <=1.8.3)

angular NPM version =1.3.11, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2024-21490 Source advisory: OSV:GHSA-4W4V-5HC9-XRR2...

SUSE CVE-2023-26116

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2023-26116 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26116 Source advisory: OSV:GHSA-2VRF-HF26-JRP5...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2023-26117 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26117 Source advisory: OSV:GHSA-2QQX-W9HR-Q5GX...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2023-26118 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26118 Source advisory: OSV:GHSA-QWQH-HM9M-P5HR...

DEBIAN-CVE-2023-26117

Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...

UBUNTU-CVE-2023-26118

Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular expression in the inputurl functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result ...

UBUNTU-CVE-2023-26116

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

CVE-2023-26116

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

PT-2023-4756

Name of the Vulnerable Software and Affected Versions angular versions 1.4.9 and later Description The issue is related to the usage of an insecure regular expression in the inputurl functionality of the angular package, which can lead to a Regular Expression Denial of Service ReDoS via the...

Angular 安全漏洞

Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. Angular has a security vulnerability that stems from the use of insecure regular expressions that are susceptible to Regular Expression Denial of Service...

PT-2023-4757

Name of the Vulnerable Software and Affected Versions angular versions 1.0.0 and later Description The issue is related to the $resource service in angular, which uses an insecure regular expression. This can lead to a Regular Expression Denial of Service ReDoS when a large, carefully-crafted inp...

Regular Expression Denial of Service (ReDoS)

Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...