CVE-2023-34840

angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting XSS vulnerability...

CVE-2023-34840

CVE-2023-34840 affects angular-ui-notification versions 0.1.0, 0.2.0, and 0.3.6, which are reported to contain a cross-site scripting (XSS) vulnerability. The connected documents consistently describe an XSS flaw in this library; however, they do not provide concrete technical details such as the...

PT-2023-25027 · Unknown · Angular-Ui-Notification

Name of the Vulnerable Software and Affected Versions: angular-ui-notification versions 0.1.0 through 0.3.6 Description: The issue is related to a cross-site scripting XSS vulnerability. This type of vulnerability allows an attacker to inject malicious scripts into a website, potentially leading ...

Malicious code in angular-mep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 681355ff3db8d03fa0216e4ff152cb0be7e3cd485423c68fc2d3b33c8feae3a5 The OpenSSF Package Analysis project identified 'angular-mep' @ 1.3.0 npm as malicious. It is considered malicious because: - The package...

MAL-2023-1112 Malicious code in angular-mep (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 681355ff3db8d03fa0216e4ff152cb0be7e3cd485423c68fc2d3b33c8feae3a5 The OpenSSF Package Analysis project identified 'angular-mep' @ 1.3.0 npm as malicious. It is considered malicious because: - The package...

angular: XSS vulnerability

A flaw was found in the angular/core package. Affected versions of this package are vulnerable to Cross-site scripting XSS in development, with Server-side rendering SSR enabled...

A Bootiful Podcast: Angular Google Developer Expert Santosh Yadav

Hi, Spring fans! In this installment Josh Long @coffesoftware talks to Angular Google Developer Expert Santosh Yadav @santoshyadavdev about the latest and greatest in the JavaScript and Angular ecosystem...

Malicious Package

Overview flask-angular is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

PT-2023-6903 · Ibm · Ibm Security Guardium Data Encryption +1

Name of the Vulnerable Software and Affected Versions: IBM Security Guardium Data Encryption IBM Guardium Cloud Key Manager GCKM version 1.10.3 Description: The issue is caused by an angular template injection flaw, allowing a remote attacker to execute arbitrary code on the system by sending a...

Regular Expression Denial Of Service (ReDoS)

angular is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists due to inefficient regular expression complexity in the input type element which allows an attacker to crash the application by submitting maliciously crafted input...

Regular Expression Denial Of Service (ReDoS)

angular is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists due to inefficient regular expression complexity in the resource service which allows an attacker to crash the application by submitting maliciously crafted input...

Regular Expression Denial Of Service (ReDoS)

angular is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability exists due to inefficient regular expression complexity in the angular.copy function. which allows an attacker to crash the application by submitting maliciously crafted input...

Sensitive Information Disclosure

angular-server-side-configuration is vulnerable to Sensitive Information Disclosure. The vulnerability is due to leaking of environment variables because the library detects used environment variables in TypeScript files and writes them to a ngssc.json file in the output directory, which is then...

SUSE CVE-2023-26116

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in...

GHSA-2VRF-HF26-JRP5 angular vulnerable to regular expression denial of service via the angular.copy() utility

All versions of the package angular are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...

angular vulnerable to regular expression denial of service via the $resource service

All versions of the package angular are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtrackin...

GHSA-2QQX-W9HR-Q5GX angular vulnerable to regular expression denial of service via the $resource service

All versions of the package angular are vulnerable to Regular Expression Denial of Service ReDoS via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtrackin...

angular vulnerable to regular expression denial of service via the angular.copy() utility

All versions of the package angular are vulnerable to Regular Expression Denial of Service ReDoS via the angular.copy utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2023-26117 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26117 Source advisory: OSV:GHSA-2QQX-W9HR-Q5GX...

10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +3309 more potentially affected by CVE-2023-26116 via angular (>=0.0.1 <=1.8.3)

angular NPM version =0.0.1, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2023-26116 Source advisory: OSV:GHSA-2VRF-HF26-JRP5...