7 matches found
Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Impact Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as a JavaScript module-scoped global variable. When multiple requests are processed concurrently, they could inadvertently share...
GHSA-68X2-MX4Q-78M7 Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Impact Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as a JavaScript module-scoped global variable. When multiple requests are processed concurrently, they could inadvertently share...
CVE-2025-59052
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as ...
CVE-2025-59052 Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as ...
CVE-2025-59052
CVE-2025-59052: Angular SSR race condition in the platform injector can cause cross-request data leaks due to a global injector state shared across concurrent SSR requests. Affected: Angular SSR/server rendering path using bootstrapApplication, getPlatform, or destroyPlatform. Patched in all acti...
CVE-2025-59052 Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as ...
CVE-2025-59052 Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container the "platform injector" to hold request-specific state during server-side rendering. For historical reasons, the container was stored as ...