Search for packages
| purl | pkg:maven/org.webjars.bower/angular@1.5.0-rc.0 |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-8juz-913g-zfdb
Aliases: CVE-2024-21490 GHSA-4w4v-5hc9-xrr2 |
angular vulnerable to super-linear runtime due to backtracking This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. **Note:** This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core). | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T22:50:27.862508+00:00 | GitLab Importer | Affected by | VCID-8juz-913g-zfdb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.bower/angular/CVE-2024-21490.yml | 38.4.0 |
| 2026-04-12T00:09:56.500058+00:00 | GitLab Importer | Affected by | VCID-8juz-913g-zfdb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.bower/angular/CVE-2024-21490.yml | 38.3.0 |
| 2026-04-03T00:15:01.812132+00:00 | GitLab Importer | Affected by | VCID-8juz-913g-zfdb | https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.webjars.bower/angular/CVE-2024-21490.yml | 38.1.0 |