Angular-expressions Security Vulnerabilities and Issues — Angular-expressions CVE List

Lucene search

PeerigonAngular-expressions

3 matches found

CVE•added 2021/02/01 3:15 p.m.•63 views

CVE-2021-21277

angular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". In angular-expressions before version 1.1.2 there is a vulnerability which allows Remote Code Execution if you call "expressions.compile(userControlledInput)" where "userControlledInput" is tex...

8.8CVSS8.8AI score0.00722EPSS

CVE•added 2024/12/10 4:15 p.m.•52 views

CVE-2024-54152

Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. With a more complex (undisclosed) payload, one can get full access...

9.3CVSS7.6AI score0.22692EPSS

CVE•added 2020/01/24 4:15 p.m.•46 views

CVE-2020-5219

Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the appl...

8.8CVSS9AI score0.00633EPSS