PT-2024-6803 · Unknown · Angular-Base64-Upload

Name of the Vulnerable Software and Affected Versions: angular-base64-upload versions prior to v0.1.21 Description: The issue is related to the angular-base64-upload library, which has a vulnerability that allows an attacker to execute arbitrary code on the server by uploading a specially crafted...

Exploit for CVE-2024-42640

CVE-2024-42640 CVE-2024-42640 Unauthenticated Re...

Malicious code in visa-ui-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd965500f041551c6ece4a137b88df7d7c601228f7e039a8130a8514a48b98e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8962 Malicious code in visa-ui-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware bd965500f041551c6ece4a137b88df7d7c601228f7e039a8130a8514a48b98e4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in design-system-components-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa76659f890e0326b1b129f7cf3c39dd4b242fa297217ef6b98e4b34fa602ba2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-8969 Malicious code in design-system-components-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa76659f890e0326b1b129f7cf3c39dd4b242fa297217ef6b98e4b34fa602ba2 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

RHSA-2023:0274 Red Hat Security Advisory: Red Hat OpenStack Platform 17.0 (python-XStatic-Angular) security update

Bulletin has no description...

RHSA-2022:8866 Red Hat Security Advisory: Red Hat OpenStack Platform 16.1.9 (python-XStatic-Angular) security update

Bulletin has no description...

RHSA-2022:8849 Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (python-XStatic-Angular) security update

Bulletin has no description...

MAL-2024-8899 Malicious code in acronym-decoder-chrome-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a3a001eb751394dba7b7d59d8580152ab849a2d8971aecc8c65f800c4276008 The OpenSSF Package Analysis project identified 'acronym-decoder-chrome-angular' @ 1.0.0 npm as malicious. It is considered malicious because: -...

Malicious code in acronym-decoder-chrome-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 1a3a001eb751394dba7b7d59d8580152ab849a2d8971aecc8c65f800c4276008 The OpenSSF Package Analysis project identified 'acronym-decoder-chrome-angular' @ 1.0.0 npm as malicious. It is considered malicious because: -...

MAL-2024-8897 Malicious code in onfido-web-sdk-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b0dd02cb44d3292fc8de6ab92614219cc989a1d92d108bf83dc0a40883b44f0d The OpenSSF Package Analysis project identified 'onfido-web-sdk-angular' @ 0.1.0 npm as malicious. It is considered malicious because: - The...

Malicious code in onfido-web-sdk-angular (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis b0dd02cb44d3292fc8de6ab92614219cc989a1d92d108bf83dc0a40883b44f0d The OpenSSF Package Analysis project identified 'onfido-web-sdk-angular' @ 0.1.0 npm as malicious. It is considered malicious because: - The...

@adhd/react-hooks (=2.2.1), @aklesky/vite-config (>=0.7.9 <=0.9.0) +252 more potentially affected by CVE-2024-45812 via vite (>=5.0.0 <=5.1.7)

vite NPM version =5.0.0, =0.7.9, =17.1.0, =1.0.25-beta.0, =0.5.0, =2.0.0-beta.0, =0.22.0, =1.0.1, =1.0.0, =1.0.0, =0.9.0, =1.0.0-alpha.13, =1.0.0-alpha.1, =1.0.0-alpha.1, =1.0.0-alpha.4 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...

@angular-devkit/build-angular (>=18.1.0 <=18.2.0-rc.0), @angular/build (>=18.1.0 <=18.2.0-rc.0) +46 more potentially affected by CVE-2024-45812 via vite (>=5.3.0 <=5.3.5)

vite NPM version =5.3.0, =18.1.0, =18.1.0, =2.0.0-beta.3, =0.44.0, =5.0.0-alpha.11, =18.1.0, =18.1.0, =1.0.1, =11.17.8, =0.0.1, =14.190.0, =14.190.0, =0.0.1719809477737, =8.1.1, =8.5.5 - @hybrbase-front/cli =1.0.0 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...

@angular-devkit/build-angular (>=18.0.0 <=18.1.0-next.2), @angular/build (>=18.0.0 <=18.1.0-next.2) +58 more potentially affected by CVE-2024-45812 via vite (>=5.2.0 <=5.2.13)

vite NPM version =5.2.0, =18.0.0, =18.0.0, =5.0.0-alpha.4, =0.1.0-rc.8, =18.0.0-next.46, =18.0.0-next.46, =3.0.2, =3.5.0, =4.1.0, =34.0.0, =2.1.3, =1.2.0, =1.0.0, =11.17.0, =8.0.8, =8.1.0 and more Source cves: CVE-2024-45812 Source advisory: OSV:GHSA-64VR-G452-QVP3...

@angular-devkit/build-angular (>=18.0.0 <=18.1.0-next.2), @angular/build (>=18.0.0 <=18.1.0-next.2) +58 more potentially affected by CVE-2024-45811 via vite (>=5.2.0 <=5.2.13)

vite NPM version =5.2.0, =18.0.0, =18.0.0, =5.0.0-alpha.4, =0.1.0-rc.8, =18.0.0-next.46, =18.0.0-next.46, =3.0.2, =3.5.0, =4.1.0, =34.0.0, =2.1.3, =1.2.0, =1.0.0, =11.17.0, =8.0.8, =8.1.0 and more Source cves: CVE-2024-45811 Source advisory: OSV:GHSA-9CWX-2883-4WFX...

@angular-devkit/build-angular (>=18.1.0 <=18.2.0-rc.0), @angular/build (>=18.1.0 <=18.2.0-rc.0) +46 more potentially affected by CVE-2024-45811 via vite (>=5.3.0 <=5.3.5)

vite NPM version =5.3.0, =18.1.0, =18.1.0, =2.0.0-beta.3, =0.44.0, =5.0.0-alpha.11, =18.1.0, =18.1.0, =1.0.1, =11.17.8, =0.0.1, =14.190.0, =14.190.0, =0.0.1719809477737, =8.1.1, =8.5.5 - @hybrbase-front/cli =1.0.0 and more Source cves: CVE-2024-45811 Source advisory: OSV:GHSA-9CWX-2883-4WFX...

Content Spoofing

angular is vulnerable to Content Spoofing. The vulnerability is caused due to improper sanitization of the value of the srcset attribute in HTML elements. This allows attackers to bypass common image source restrictions, which can lead to a form of Content Spoofing...

Content Spoofing

angular is vulnerable to Content Spoofing. The vulnerability is caused by improper sanitization of the value of the srcset attribute. This allows attackers to bypass common image source restrictions, leading to a form of Content Spoofing...