1344 matches found
UBUNTU-CVE-2024-21490
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...
CVE-2024-21490
CVE-2024-21490 affects AngularJS ng-srcset handling. The vulnerability is a regular expression backtracking (ReDoS) in the ng-srcset split logic, exploitable via crafted input to trigger super-linear runtime and denial of service. Documents indicate affected versions are AngularJS 1.3.0 and later...
CVE-2024-21490
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...
CVE-2024-21490
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...
CVE-2024-21490
This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of servic...
Angular Security Vulnerabilities
Angular is a development platform. It is used to build mobile and desktop web applications using Typescript / JavaScript and other languages. A security vulnerability exists in Angular version 1.3.0. An attacker has exploited the vulnerability to cause a denial of service...
CVE-2024-22200
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...
Design/Logic Flaw
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...
CVE-2024-22200 vantage6-UI docker image leaks software version information
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...
CVE-2024-22200 vantage6-UI docker image leaks software version information
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...
CVE-2024-22200 vantage6-UI docker image leaks software version information
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0...
PT-2024-2069 · Nginx +1 · Nginx +1
Name of the Vulnerable Software and Affected Versions: vantage6-UI versions prior to 4.2.0 Description: The issue is related to insufficient protection of service data in the vantage6-UI interface, which can allow a remote attacker to gain unauthorized access to protected information. The docker...
Malicious code in genealogy-angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c79ec06571b4db3810fc4f4e1dc9aec99929ab8e3a35f853e5f253f55adce823 The OpenSSF Package Analysis project identified 'genealogy-angular' @ 1.1.1 npm as malicious. It is considered malicious because: - The package...
MAL-2024-149 Malicious code in genealogy-angular (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis c79ec06571b4db3810fc4f4e1dc9aec99929ab8e3a35f853e5f253f55adce823 The OpenSSF Package Analysis project identified 'genealogy-angular' @ 1.1.1 npm as malicious. It is considered malicious because: - The package...
Malicious code in @dle-multiform-angular-component/core (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 820657ccb39c885de6a5d6006ee75064ffa46699e8af105375b12a67436649fc The OpenSSF Package Analysis project identified '@dle-multiform-angular-component/core' @ 13.0.1 npm as malicious. It is considered malicious...
@angular-devkit/build-angular (>=17.0.0-next.7 <=17.0.0-next.9), @attq/blackboox (>=0.4.0 <=0.4.2) +31 more potentially affected by CVE-2023-49293 via vite (>=4.4.1 <=4.4.11)
vite NPM version =4.4.1, =17.0.0-next.7, =0.4.0, =1.0.0-rc.1, =1.0.0, =1.9.0, =17.0.0-next.8, =17.0.0-next.8, =0.0.9, =0.0.9, =0.0.9, =0.0.18 and more Source cves: CVE-2023-49293 Source advisory: OSV:GHSA-92R3-M2MG-PJ97...
Regular Expression Denial of Service (ReDoS)
Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...
Regular Expression Denial of Service (ReDoS)
Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3265 more potentially affected by CVE-2024-21490 via angular (>=1.3.11 <=1.8.3)
angular NPM version =1.3.11, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2024-21490 Source advisory: SNYK:JS-ANGULAR-6091113...
PT-2023-9165
Name of the Vulnerable Software and Affected Versions angular versions 1.3.0 and later Description A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic...