Lucene search
K

5 matches found

NVD
NVD
added 2026/06/22 6:16 p.m.9 views

CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS0.00161EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 3:49 p.m.33 views

CVE-2026-50171 Angular: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS0.00161EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/22 3:49 p.m.6 views

CVE-2026-50171

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.15, 20.3.22, and 19.2.23, a Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber functio...

8.2CVSS5.8AI score0.00161EPSS
Exploits0
Veracode
Veracode
added 2026/06/20 7:33 a.m.5 views

Denial Of Service (DoS)

angular/common is vulnerable to Denial of Service DoS. The vulnerability is due to improper validation of the digitsInfo parameter in the formatNumber function, which allows an attacker to supply excessively large fraction digit values that trigger an unbounded loop and excessive memory...

8.2CVSS5.8AI score0.00161EPSS
Exploits0References7Affected Software1
Github Security Blog
Github Security Blog
added 2026/06/15 4:52 p.m.35 views

@angular/common: Denial of Service (DoS) via OOM in Number Formatting (digitsInfo)

A Denial of Service DoS vulnerability exists in the @angular/common package of Angular. The formatNumber function, which is also utilized by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. Specifically, the minimum and maximum...

8.2CVSS5.5AI score0.00161EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder