@angular-devkit/build-angular (>=19.2.0 <=19.2.0-rc.0), @angular/build (>=19.2.0 <=19.2.0-rc.0) +40 more potentially affected by CVE-2025-32395 via vite (>=6.1.0 <=6.1.4)

vite NPM version =6.1.0, =19.2.0, =19.2.0, =1.0.7, =2.12.0, =2.12.0, =11.24.0, =0.0.1739797164641, =1.0.0, =0.0.0-experimental-989cf02-20250217-d62ba1cb, =0.0.0-experimental-80aadca-20250205-e2641483, =0.0.0-snapshot-1e670bae5105bde781e82aa2a8ee4f2dfc2446f0,...

@angular-devkit/build-angular (>=19.2.1 <=20.0.0-next.5), @angular/build (>=19.2.1 <=20.0.0-next.5) +44 more potentially affected by CVE-2025-32395 via vite (>=6.2.0 <=6.2.5)

vite NPM version =6.2.0, =19.2.1, =19.2.1, =0.55.0, =0.21.2-4.1, =1.0.0, =1.0.410, =3.8.0, =1.47.0, =5.0.0-alpha.40, =1.0.17-fe-upgrade-rc, =1.0.0-next.1, =2.0.0-next.3 and more Source cves: CVE-2025-32395 Source advisory: OSV:GHSA-356W-63V5-8WF4...

@aklesky/vite-config (>=0.7.9 <=0.9.0), @andrewzagorski/admin (=4.25.19-patch.1) +406 more potentially affected by CVE-2025-31486 via vite (>=5.0.0 <=5.4.16)

vite NPM version =5.0.0, =0.7.9, =17.1.0, =18.0.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =0.9.0, =1.0.0-alpha.13, =1.0.0-alpha.16 and more Source cves: CVE-2025-31486 Source advisory: OSV:GHSA-XCJ6-PQ6G-QJ4X...

@angular-devkit/build-angular (>=19.2.0 <=19.2.0-rc.0), @angular/build (>=19.2.0 <=19.2.0-rc.0) +40 more potentially affected by CVE-2025-31486 via vite (>=6.1.0 <=6.1.3)

vite NPM version =6.1.0, =19.2.0, =19.2.0, =1.0.7, =2.12.0, =2.12.0, =11.24.0, =0.0.1739797164641, =1.0.0, =0.0.0-experimental-989cf02-20250217-d62ba1cb, =0.0.0-experimental-80aadca-20250205-e2641483, =0.0.0-snapshot-1e670bae5105bde781e82aa2a8ee4f2dfc2446f0,...

@angular-devkit/build-angular (>=19.2.1 <=20.0.0-next.4), @angular/build (>=19.2.1 <=20.0.0-next.4) +43 more potentially affected by CVE-2025-31486 via vite (>=6.2.0 <=6.2.4)

vite NPM version =6.2.0, =19.2.1, =19.2.1, =0.55.0, =0.21.2-4.1, =1.0.0, =1.0.410, =3.8.0, =1.47.0, =5.0.0-alpha.40, =1.0.17-fe-upgrade-rc, =1.0.0-next.1, =2.0.0-next.3 and more Source cves: CVE-2025-31486 Source advisory: OSV:GHSA-XCJ6-PQ6G-QJ4X...

📄 Angular-Base64-Upload Library Remote Code Execution

Angular-Base64-Upload library unauthenticated remote code execution proof of concept exploit that affects versions prior to 0.1.21. !/bin/python3 Exploit Title: Unauthenticated RCE via Angular-Base64-Upload Library Date: 10 October 2024 Discovered by : Ravindu Wickramasinghe | rvz @rvizx9 Exploit...

Angular-Base64-Upload Library 0.1.20 - Remote Code Execution (RCE)

Exploit Title: Angular-Base64-Upload Library 0.1.20 - Remote Code Execution RCE Date: 10 October 2024 Discovered by : Ravindu Wickramasinghe | rvz @rvizx9 Exploit Author: Ravindu Wickramasinghe | rvz @rvizx9 Vendor Homepage: https://www.npmjs.com/package/angular-base64-upload Software Link:...

@angular-devkit/build-angular (>=19.2.0 <=19.2.0-rc.0), @angular/build (>=19.2.0 <=19.2.0-rc.0) +40 more potentially affected by CVE-2025-31125 via vite (>=6.1.0 <=6.1.2)

vite NPM version =6.1.0, =19.2.0, =19.2.0, =1.0.7, =2.12.0, =2.12.0, =11.24.0, =0.0.1739797164641, =1.0.0, =0.0.0-experimental-989cf02-20250217-d62ba1cb, =0.0.0-experimental-80aadca-20250205-e2641483, =0.0.0-snapshot-1e670bae5105bde781e82aa2a8ee4f2dfc2446f0,...

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +25 more potentially affected by CVE-2025-31125 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =19.1.5, =5.0.0-alpha.37, =19.1.0, =19.1.0, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.3.0-dev.12 and more Source cves: CVE-2025-31125 Source advisory:...

@angular-devkit/build-angular (>=19.2.1 <=20.0.0-next.3), @angular/build (>=19.2.1 <=20.0.0-next.3) +40 more potentially affected by CVE-2025-31125 via vite (>=6.2.0 <=6.2.3)

vite NPM version =6.2.0, =19.2.1, =19.2.1, =0.55.0, =0.21.2-4.1, =1.0.0, =1.0.410, =3.8.0, =5.0.0-alpha.40, =1.0.17-fe-upgrade-rc, =1.0.0-next.1, =2.0.0-next.3 and more Source cves: CVE-2025-31125 Source advisory: OSV:GHSA-4R4M-QW57-CHR8...

@angular-devkit/build-angular (>=19.2.0 <=19.2.0-rc.0), @angular/build (>=19.2.0 <=19.2.0-rc.0) +39 more potentially affected by CVE-2025-30208 via vite (>=6.1.0 <=6.1.1)

vite NPM version =6.1.0, =19.2.0, =19.2.0, =1.0.7, =2.12.0, =2.12.0, =11.24.0, =0.0.1739797164641, =1.0.0, =0.0.0-experimental-989cf02-20250217-d62ba1cb, =0.0.0-experimental-80aadca-20250205-e2641483, =0.0.0-snapshot-1e670bae5105bde781e82aa2a8ee4f2dfc2446f0,...

@angular-devkit/build-angular (>=19.2.1 <=20.0.0-next.2), @angular/build (>=19.2.1 <=20.0.0-next.2) +32 more potentially affected by CVE-2025-30208 via vite (>=6.2.0 <=6.2.2)

vite NPM version =6.2.0, =19.2.1, =19.2.1, =0.55.0, =1.0.0, =1.0.410, =5.0.0-alpha.40, =1.0.0-next.1, =3.0.0, =19.1.1, =19.1.1, =2.13.0, =2.14.0 and more Source cves: CVE-2025-30208 Source advisory: OSV:GHSA-X574-M823-4X7W...

@andrewzagorski/admin (>=4.25.19-patch.2 <=4.25.19-patch.3), @andrewzagorski/pack-up (=4.23.1-prerelease.2) +25 more potentially affected by CVE-2025-30208 via vite (>=6.0.0 <=6.0.11)

vite NPM version =6.0.0, =4.25.19-patch.2, =19.1.5, =19.1.5, =5.0.0-alpha.37, =19.1.0, =19.1.0, =2.11.0, =2.11.0, =11.23.0, =0.0.0-experimental-13bd4c2-20250203-4e3af844, =0.0.0-snapshot-1d99fea7d2ce2c7a5d9ed0a3752f8a7bda6bc3db, =0.3.0-dev.12 and more Source cves: CVE-2025-30208 Source advisory:...

Malicious code in angular-remove-diacritics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5abbdf7a3253b0f21066be1be90dc829f3e83d3cd402e748a428c5a1b36f4918 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-2295 Malicious code in angular-remove-diacritics (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 5abbdf7a3253b0f21066be1be90dc829f3e83d3cd402e748a428c5a1b36f4918 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Linux Distros Unpatched Vulnerability : CVE-2023-26118

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service ReDoS via the element due to the usage of an insecure regular...

Linux Distros Unpatched Vulnerability : CVE-2023-26117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecur...

Linux Distros Unpatched Vulnerability : CVE-2023-26116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage ...

Linux Distros Unpatched Vulnerability : CVE-2021-4231

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation...

MAL-2025-2091 Malicious code in angular-identity-component (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 54c4b1fd6456e049589f15a4f03fe3fdb5370f3e9d0d66e8664835e3c7cb5f0a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...