@angular-devkit/build-angular (>=20.1.0 <=20.2.0-next.2), @angular/build (>=20.1.0 <=20.2.0-next.2) +59 more potentially affected by CVE-2025-58751 via vite (>=7.0.0 <=7.0.6)

vite NPM version =7.0.0, =20.1.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =19.3.2, =19.3.2, =0.0.1750946288791, =0.0.2, =0.0.7, =0.3.4 and more Source cves: CVE-2025-58751 Source advisory: OSV:GHSA-G4JQ-H2W9-997C...

@angular-devkit/build-angular (>=20.1.0 <=20.2.0-next.2), @angular/build (>=20.1.0 <=20.2.0-next.2) +59 more potentially affected by CVE-2025-58752 via vite (>=7.0.0 <=7.0.6)

vite NPM version =7.0.0, =20.1.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =19.3.2, =19.3.2, =0.0.1750946288791, =0.0.2, =0.0.7, =0.3.4 and more Source cves: CVE-2025-58752 Source advisory: OSV:GHSA-JQFW-VQ24-V9C3...

@angular-devkit/build-angular (>=20.1.0 <=20.2.0-next.2), @angular/build (>=20.1.0 <=20.2.0-next.2) +59 more potentially affected by CVE-2025-58752 via vite (>=7.0.0 <=7.0.6)

vite NPM version =7.0.0, =20.1.0, =20.1.0, =0.0.4, =0.2.9, =1.190.0, =0.1.0, =19.3.2, =19.3.2, =0.0.1750946288791, =0.0.2, =0.0.7, =0.3.4 and more Source cves: CVE-2025-58752 Source advisory: SNYK:JS-VITE-12558116...

MAL-2025-44584 Malicious code in heliophysics-comet-rollup-plugin-commitlint-config-angular (npm)

The package heliophysics-comet-rollup-plugin-commitlint-config-angular was found to contain malicious code...

Malicious code in antimatter-commitlint-config-angular-archaeoastronomy-lint (npm)

The package antimatter-commitlint-config-angular-archaeoastronomy-lint was found to contain malicious code...

Malicious code in heliophysics-comet-rollup-plugin-commitlint-config-angular (npm)

The package heliophysics-comet-rollup-plugin-commitlint-config-angular was found to contain malicious code...

MAL-2025-43456 Malicious code in antimatter-commitlint-config-angular-archaeoastronomy-lint (npm)

The package antimatter-commitlint-config-angular-archaeoastronomy-lint was found to contain malicious code...

MAL-2025-43895 Malicious code in cordelia-quasar-gravity-commitlint-config-angular (npm)

The package cordelia-quasar-gravity-commitlint-config-angular was found to contain malicious code...

MAL-2025-43872 Malicious code in commitlint-config-angular-photon-plutology-bioinformatics (npm)

The package commitlint-config-angular-photon-plutology-bioinformatics was found to contain malicious code...

MAL-2025-46099 Malicious code in soap-commitlint-config-angular-adonis-cors (npm)

The package soap-commitlint-config-angular-adonis-cors was found to contain malicious code...

MAL-2025-43532 Malicious code in astrophysics-commitlint-config-angular-unuk-luna (npm)

The package astrophysics-commitlint-config-angular-unuk-luna was found to contain malicious code...

Malicious code in commitlint-config-angular-photon-plutology-bioinformatics (npm)

The package commitlint-config-angular-photon-plutology-bioinformatics was found to contain malicious code...

Malicious code in astrophysics-commitlint-config-angular-unuk-luna (npm)

The package astrophysics-commitlint-config-angular-unuk-luna was found to contain malicious code...

Malicious code in prettier-plugin-markdown-regulus-halley-commitlint-config-angular (npm)

The package prettier-plugin-markdown-regulus-halley-commitlint-config-angular was found to contain malicious code...

Malicious code in cordelia-quasar-gravity-commitlint-config-angular (npm)

The package cordelia-quasar-gravity-commitlint-config-angular was found to contain malicious code...

MAL-2025-41967 Malicious code in design-system-components-angular-workspace (npm)

The package communicates with a domain associated with malicious activity...

Malicious code in design-system-components-angular-workspace (npm)

The package communicates with a domain associated with malicious activity...

CVE-2025-50977

A template injection vulnerability leading to reflected cross-site scripting XSS has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute...

CVE-2025-50977

A template injection vulnerability leading to reflected cross-site scripting XSS has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and allows attackers to inject malicious Angular expressions that execute...

CVE-2025-50977

Gitblit (version 1.7.1) contains a template injection vulnerability that enables reflected XSS via the r parameter. Exploitation requires authenticated admin access and can be triggered through GET requests to the /summary endpoint or POST requests to certain Wicket interfaces, enabling injection...