VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Angularjs
> Angular
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2023-03-30
CVE-2023-26116
Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression.
network
low complexity
angularjs
fedoraproject
5.3
5.3
2023-03-30
CVE-2023-26117
Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression.
network
low complexity
angularjs
fedoraproject
5.3
5.3
2023-03-30
CVE-2023-26118
Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality.
network
low complexity
angularjs
fedoraproject
5.3
5.3
2022-07-15
CVE-2022-25869
Cross-site Scripting vulnerability in Angularjs Angular
All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
network
low complexity
angularjs
CWE-79
6.1
6.1
2022-05-01
CVE-2022-25844
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value.
network
low complexity
angularjs
fedoraproject
netapp
7.5
7.5