MAL-2025-41423 Malicious code in @navancorp/angular-web-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94679c1658a3cfefa49daf06a90a50daeb480069b754976a6f72efa2e4e1d44 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in @navancorp/angular-web-components (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c94679c1658a3cfefa49daf06a90a50daeb480069b754976a6f72efa2e4e1d44 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Regular Expression Denial of Service (ReDoS)

Overview angular-sanitize is an AngularJS module for sanitizing HTML Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the linky filter. An attacker can cause excessive resource consumption and degrade application performance by submitting speciall...

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.npm:angular-sanitize is an AngularJS module for sanitizing HTML Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the linky filter. An attacker can cause excessive resource consumption and degrade application performance by...

40au-isteven-angular-multiselect (=4.0.0), @0negativ/hawtio-integration (>=4.13.7-rc4 <=4.13.7-rc5) +503 more potentially affected by CVE-2025-4690 via angular-sanitize (>=1.2.27 <=1.8.3)

angular-sanitize NPM version =1.2.27, =4.13.7-rc4, =0.0.1, =0.0.1, =0.1.0, =2.0.0, =0.3.2, =0.2.7, =1.0.0, =1.0.0, =0.2.1, =0.0.1, =1.0.0, =3.0.2, =4.16.5 and more Source cves: CVE-2025-4690 Source advisory: SNYK:JS-ANGULARSANITIZE-12177871...

net.aequologica.neo:geppaequo-tags (>=0.5.3 <=0.6.0), net.aequologica.neo:geppaequo-web (>=0.5.3 <=0.6.0) +4 more potentially affected by CVE-2025-4690 via org.webjars.npm:angular-sanitize (>=1.5.0-beta.0 <=1.8.3)

org.webjars.npm:angular-sanitize MAVEN version =1.5.0-beta.0, =0.5.3, =0.5.3, =0.6.0 - org.webjars.npm:angular-auto-complete =1.7.4 - org.webjars.npm:angular-material-calendar =0.2.14 - org.webjars.npm:angular-schema-form =0.8.13 - org.webjars.npm:github-com-showdownjs-ng-showdown =1.1.0 Source...

com.github.grantlittle:bdd-reporting-server (>=0.1.5 <=0.1.7), com.github.grantlittle:bdd-reporting-service (=0.1.9) +59 more potentially affected by CVE-2025-4690 via org.webjars.bower:angular-sanitize (>=1.2.29 <=1.8.2)

org.webjars.bower:angular-sanitize MAVEN version =1.2.29, =0.1.5, =0.5.0, =0.5.0, =0.5.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.1 and more Source cves: CVE-2025-4690 Source advisory: SNYK:JAVA-ORGWEBJARSBOWER-12177873...

Regular Expression Denial of Service (ReDoS)

Overview org.webjars.bower:angular-sanitize is an AngularJS module for sanitizing HTML Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the linky filter. An attacker can cause excessive resource consumption and degrade application performance by...

Linux Distros Unpatched Vulnerability : CVE-2022-25869

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting XS...

Linux Distros Unpatched Vulnerability : CVE-2022-25844

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign...

Linux Distros Unpatched Vulnerability : CVE-2020-7676

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping elements in...

Linux Distros Unpatched Vulnerability : CVE-2019-14863

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data...

Malicious code in @hornetsecurity/angular-search-box (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6903 Malicious code in @hornetsecurity/angular-search-box (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6890 Malicious code in @hornetsecurity/angular-pew-pew (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...

Malicious code in @hornetsecurity/angular-pew-pew (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 28e7be23ba9caf66d89c4659d66001871cf1901098bdab6dd4dd8630d476a991 The OpenSSF Package Analysis project identified '@hornetsecurity/angular-pew-pew' @ 1.0.0 npm as malicious. It is considered malicious because: ...

MAL-2025-6901 Malicious code in @angular_devkit/build_angular (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in @angular_devkit/build_angular (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

Malicious code in @angular_devkit/architect (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

MAL-2025-6900 Malicious code in @angular_devkit/architect (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...