3 matches found
CVE-2026-54266
Angular’s HttpTransferCache uses a weak 32‑bit DJB2‑like hash to generate TransferState cache keys, enabling hash collisions that let attackers overwrite a victim’s cached SSR responses (state poisoning and potential data leakage) by visiting crafted links. This affects Angular versions prior to ...
CVE-2026-54266
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.1, 21.2.17, and 20.3.25, Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering SSR so that they can be reused during...
@angular/common: Weak 32-Bit Cache Key Hashing in `HttpTransferCache` Leading to Cross-Request Data Leakage and State Poisoning
Angular's HttpTransferCache caches HTTP requests made during Server-Side Rendering SSR so that they can be reused during client-side hydration. This avoids repeating the same HTTP requests on the client. The cached responses are stored in TransferState using a cache key generated by hashing reque...