Angular.js@* Security Vulnerabilities and Issues — Angular.js@* CVE List

Lucene search

AngularjsAngular.js*

3 matches found

CVE•added 2024/02/10 5:15 a.m.•477 views

CVE-2024-21490

This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service....

7.5CVSS7.2AI score0.00655EPSS

CVE•added 2024/09/09 3:15 p.m.•99 views

CVE-2024-8372

Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects AngularJS versions 1.3.0-rc.4 and gr...

4.8CVSS4.6AI score0.00173EPSS

CVE•added 2024/09/09 3:15 p.m.•75 views

CVE-2024-8373

Improper sanitization of the value of the [srcset] attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of An...

4.8CVSS4.5AI score0.00043EPSS