Regular Expression Denial of Service (ReDoS)

Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3308 more potentially affected by CVE-2023-26117 via angular (>=1.0.8 <=1.8.3)

angular NPM version =1.0.8, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26117 Source advisory: SNYK:JS-ANGULAR-3373045...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3306 more potentially affected by CVE-2023-26116 via angular (>=1.2.27 <=1.8.3)

angular NPM version =1.2.27, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26116 Source advisory: SNYK:JS-ANGULAR-3373044...

Regular Expression Denial of Service (ReDoS)

Overview angular is a package that lets you write client-side web applications as if you had a smarter browser. It also lets you use HTML as your template language and lets you extend HTML’s syntax to express your application’s components clearly and succinctly. Affected versions of this package...

Regular Expression Denial of Service (ReDoS)

Overview AngularJS.Core is an AngularJS. package for other Angular modules within .NET. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this...

Regular Expression Denial of Service (ReDoS)

Overview Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

GHSA-GWVM-VRP4-4PP5 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

Impact angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The detected environment variables are written to a ngssc.json file in the output directory. During deployment of an Angular based app, the environment...

angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

Impact angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The detected environment variables are written to a ngssc.json file in the output directory. During deployment of an Angular based app, the environment...

CVE-2023-28444

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

Design/Logic Flaw

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

CVE-2023-28444

The CVE concerns angular-server-side-configuration. It detects environment variables in TypeScript files during Angular CLI build, writes them to ngssc.json, and can expose them in index.html. In monorepo deployments with a backend, this may leak variables; a mitigation in v15.1.0 adds a searchPa...

CVE-2023-28444 angular-server-side-configuration information disclosure vulnerability in monorepo with node.js backend

angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript .ts files during build time of an Angular CLI project. The...

angular-server-side-configuration 信息泄露漏洞

angular-server-side-configuration is an application. A security vulnerability exists in angular-server-side-configuration versions 15.0.0 through 15.1.0, which stems from the presence of an information disclosure vulnerability...

Security Bulletin: IBM Planning Analytics Workspace is affected by vulnerabilties (CVE-2022-43548, CVE-2020-7676, CVE-2021-42550, CVE-2021-38561, CVE-2022-32149)

Summary IBM Planning Analytics Workspace is affected by vulnerabilities. Node.js is an open-source and cross-platform JavaScript runtime environment CVE-2022-43548. Angular is a JavaScript framework that extends HTML CVE-2020-7676. Logback is a logging library for Java CVE-2021-42550. Golang Go...

Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service due to Node.js Angular (CVE-2022-25844)

Summary IBM Sterling Control Center uses Node.js Angular which is vulnerable to a denial of service, caused by a regular expression denial of service. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a denial of service, caused by a regular expressio...

Security Bulletin: Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak.

Summary Multiple Security Vulnerabilities may affect IBM Robotic Process Automation for Cloud Pak. Angular is part of the .NET RHEL infrastructure CVE-2021-4231. Apache UIMA is used by IBM Robotic Process Automation as part of Watson NLP CVE-2022-32287. SnakeYaml is used by IBM Robotic Process...

Server Side Template Injection

Description alf-event is vulnerable to Server Side Template Injection via angular Proof of Concept VIDEO: With an authenticated user, access the admin panel. Create a organization and then Go to users and create new user having username 77 in that organization Now login with this username and you...

Malicious Package

Overview angular-portal-dependencies is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if th...