5 matches found
CVE-2026-50171
A flaw was found in the @angular/common package of Angular. The formatNumber function, which is also used by DecimalPipe, PercentPipe, and CurrencyPipe, does not properly validate the upper bounds of the digitsInfo parameter. A remote attacker could exploit this by providing a maliciously crafted...
Linux Distros Unpatched Vulnerability : CVE-2026-50171
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-rc.2, 21.2.1...
PT-2026-49562
Name of the Vulnerable Software and Affected Versions Angular versions prior to 22.0.0-rc.2 Angular versions prior to 21.2.15 Angular versions prior to 20.3.22 Angular versions prior to 19.2.23 Description A Denial of Service DoS issue exists in the @angular/common package. The formatNumber...
chakra: Stack-use-after-scope in char16_t const* PlatformAgnostic::Intl::FormatNumber<int>
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=6197060945575936 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Stack-use-after-scope READ 3 Crash Address: 0x7f3d2ffda0c0 Crash State: char16t const...
chakra: Stack-use-after-scope in char16_t const* PlatformAgnostic::Intl::FormatNumber<double>
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5972830278647808 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: Stack-use-after-scope READ 3 Crash Address: 0x7f9ca422b8c0 Crash State: char16t const...