Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/angular@1.4.0-rc.1
Typenpm
Namespace
Nameangular
Version1.4.0-rc.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-55sp-gp98-23gr
vulnerability_id VCID-55sp-gp98-23gr
summary 
XSS in $sanitize in Safari/Firefox
Both Firefox and Safari are vulnerable to XSS if we use an inert document created via `document.implementation.createHTMLDocument()`.
references
0
reference_url https://github.com/angular/angular.js/blob/master/CHANGELOG.md#165-toffee-salinization-2017-07-03
reference_id
reference_type
scores
url https://github.com/angular/angular.js/blob/master/CHANGELOG.md#165-toffee-salinization-2017-07-03
1
reference_url https://github.com/angular/angular.js/commit/8f31f1ff43b673a24f84422d5c13d6312b2c4d94
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/8f31f1ff43b673a24f84422d5c13d6312b2c4d94
fixed_packages
0
url pkg:npm/angular@1.6.5
purl pkg:npm/angular@1.6.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5zzk-7d69-s7hn
1
vulnerability VCID-67hr-2fv8-ykcj
2
vulnerability VCID-758x-qqp7-2qah
3
vulnerability VCID-8nch-3tex-67dc
4
vulnerability VCID-cy2q-mtff-5kg4
5
vulnerability VCID-erfv-zy2t-hfhz
6
vulnerability VCID-g6uy-ey69-93b8
7
vulnerability VCID-gn5u-gf3m-f3c1
8
vulnerability VCID-n4ww-dxd4-2udn
9
vulnerability VCID-npfb-rzhh-d7eg
10
vulnerability VCID-p225-18fx-d7gr
11
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.5
aliases GMS-2017-134
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55sp-gp98-23gr
1
url VCID-5zzk-7d69-s7hn
vulnerability_id VCID-5zzk-7d69-s7hn
summary Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26118.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26118.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26118
reference_id
reference_type
scores
0
value 0.00521
scoring_system epss
scoring_elements 0.67305
published_at 2026-06-11T12:55:00Z
1
value 0.00521
scoring_system epss
scoring_elements 0.67408
published_at 2026-06-14T12:55:00Z
2
value 0.00521
scoring_system epss
scoring_elements 0.6741
published_at 2026-06-13T12:55:00Z
3
value 0.00521
scoring_system epss
scoring_elements 0.67396
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26118
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26118
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26118
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26118
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26118
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
reference_id 1036694
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2183110
reference_id 2183110
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2183110
10
reference_url https://stackblitz.com/edit/angularjs-vulnerability-inpur-url-validation-redos
reference_id angularjs-vulnerability-inpur-url-validation-redos
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://stackblitz.com/edit/angularjs-vulnerability-inpur-url-validation-redos
11
reference_url https://github.com/advisories/GHSA-qwqh-hm9m-p5hr
reference_id GHSA-qwqh-hm9m-p5hr
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qwqh-hm9m-p5hr
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
reference_id OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
13
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406326
reference_id SNYK-JAVA-ORGWEBJARSBOWER-5406326
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406326
14
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328
reference_id SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328
15
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406327
reference_id SNYK-JAVA-ORGWEBJARSNPM-5406327
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406327
16
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
reference_id SNYK-JS-ANGULAR-3373046
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
reference_id UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:37:33Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
18
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2023-26118, GHSA-qwqh-hm9m-p5hr
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zzk-7d69-s7hn
2
url VCID-67hr-2fv8-ykcj
vulnerability_id VCID-67hr-2fv8-ykcj
summary angular Prototype Pollution vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10768.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10768.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10768
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61964
published_at 2026-06-12T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61863
published_at 2026-06-11T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61967
published_at 2026-06-14T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61972
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10768
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10768
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10768
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3
5
reference_url https://github.com/angular/angular.js/pull/16913
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/pull/16913
6
reference_url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E
7
reference_url https://snyk.io/vuln/SNYK-JS-ANGULAR-534884
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-ANGULAR-534884
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1813309
reference_id 1813309
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1813309
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945249
reference_id 945249
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945249
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10768
reference_id CVE-2019-10768
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10768
11
reference_url https://github.com/advisories/GHSA-89mq-4x47-5v83
reference_id GHSA-89mq-4x47-5v83
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-89mq-4x47-5v83
12
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
13
reference_url https://access.redhat.com/errata/RHSA-2021:0417
reference_id RHSA-2021:0417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0417
14
reference_url https://access.redhat.com/errata/RHSA-2022:8849
reference_id RHSA-2022:8849
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8849
15
reference_url https://access.redhat.com/errata/RHSA-2022:8866
reference_id RHSA-2022:8866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8866
16
reference_url https://access.redhat.com/errata/RHSA-2023:0274
reference_id RHSA-2023:0274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0274
fixed_packages
0
url pkg:npm/angular@1.7.9
purl pkg:npm/angular@1.7.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4v93-h3e4-8ydq
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-758x-qqp7-2qah
3
vulnerability VCID-8nch-3tex-67dc
4
vulnerability VCID-cy2q-mtff-5kg4
5
vulnerability VCID-erfv-zy2t-hfhz
6
vulnerability VCID-g6uy-ey69-93b8
7
vulnerability VCID-gn5u-gf3m-f3c1
8
vulnerability VCID-npfb-rzhh-d7eg
9
vulnerability VCID-p225-18fx-d7gr
10
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.7.9
aliases CVE-2019-10768, GHSA-89mq-4x47-5v83
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-67hr-2fv8-ykcj
3
url VCID-758x-qqp7-2qah
vulnerability_id VCID-758x-qqp7-2qah
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21490.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21490.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21490
reference_id
reference_type
scores
0
value 0.02246
scoring_system epss
scoring_elements 0.84933
published_at 2026-06-11T12:55:00Z
1
value 0.02246
scoring_system epss
scoring_elements 0.84987
published_at 2026-06-14T12:55:00Z
2
value 0.02246
scoring_system epss
scoring_elements 0.84994
published_at 2026-06-13T12:55:00Z
3
value 0.02246
scoring_system epss
scoring_elements 0.84985
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21490
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21490
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21490
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
5
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
6
reference_url https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://support.herodevs.com/hc/en-us/articles/25715686953485-CVE-2024-21490-AngularJS-Regular-Expression-Denial-of-Service-ReDoS
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088803
reference_id 1088803
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088803
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2263754
reference_id 2263754
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2263754
9
reference_url https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos
reference_id angularjs-vulnerability-ng-srcset-redos
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:24:29Z/
url https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-21490
reference_id CVE-2024-21490
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-21490
11
reference_url https://github.com/advisories/GHSA-4w4v-5hc9-xrr2
reference_id GHSA-4w4v-5hc9-xrr2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4w4v-5hc9-xrr2
12
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746
reference_id SNYK-JAVA-ORGWEBJARSBOWER-6241746
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:24:29Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-6241746
13
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747
reference_id SNYK-JAVA-ORGWEBJARSNPM-6241747
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:24:29Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6241747
14
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113
reference_id SNYK-JS-ANGULAR-6091113
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-12T19:24:29Z/
url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-6091113
15
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2024-21490, GHSA-4w4v-5hc9-xrr2
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-758x-qqp7-2qah
4
url VCID-8nch-3tex-67dc
vulnerability_id VCID-8nch-3tex-67dc
summary Angular vulnerable to Cross-site Scripting
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7676.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7676.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7676
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68948
published_at 2026-06-13T12:55:00Z
1
value 0.00563
scoring_system epss
scoring_elements 0.68842
published_at 2026-06-11T12:55:00Z
2
value 0.00563
scoring_system epss
scoring_elements 0.68935
published_at 2026-06-12T12:55:00Z
3
value 0.00563
scoring_system epss
scoring_elements 0.68944
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7676
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7676
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/commit/2df43c07779137d1bddf7f3b282a1287a8634acd
5
reference_url https://github.com/angular/angular.js/pull/17028
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/pull/17028
6
reference_url https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b%40%3Cozone-issues.hadoop.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20%40%3Cozone-issues.hadoop.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1%40%3Cozone-issues.hadoop.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b%40%3Cozone-issues.hadoop.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b%40%3Cozone-issues.hadoop.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7%40%3Cozone-issues.hadoop.apache.org%3E
18
reference_url https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E
19
reference_url https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1%40%3Cozone-commits.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1%40%3Cozone-commits.hadoop.apache.org%3E
20
reference_url https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E
21
reference_url https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02%40%3Cozone-issues.hadoop.apache.org%3E
22
reference_url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E
23
reference_url https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E
24
reference_url https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a%40%3Cozone-issues.hadoop.apache.org%3E
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a%40%3Cozone-issues.hadoop.apache.org%3E
25
reference_url https://snyk.io/vuln/SNYK-JS-ANGULAR-570058
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-ANGULAR-570058
26
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849206
reference_id 1849206
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849206
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7676
reference_id CVE-2020-7676
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7676
28
reference_url https://github.com/advisories/GHSA-mhp6-pxh8-r675
reference_id GHSA-mhp6-pxh8-r675
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mhp6-pxh8-r675
29
reference_url https://access.redhat.com/errata/RHSA-2020:5249
reference_id RHSA-2020:5249
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5249
30
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
31
reference_url https://access.redhat.com/errata/RHSA-2021:0417
reference_id RHSA-2021:0417
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0417
32
reference_url https://access.redhat.com/errata/RHSA-2021:0967
reference_id RHSA-2021:0967
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0967
33
reference_url https://access.redhat.com/errata/RHSA-2021:0968
reference_id RHSA-2021:0968
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0968
34
reference_url https://access.redhat.com/errata/RHSA-2021:0969
reference_id RHSA-2021:0969
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0969
35
reference_url https://access.redhat.com/errata/RHSA-2021:0974
reference_id RHSA-2021:0974
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:0974
fixed_packages
0
url pkg:npm/angular@1.8.0
purl pkg:npm/angular@1.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4v93-h3e4-8ydq
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-758x-qqp7-2qah
3
vulnerability VCID-cy2q-mtff-5kg4
4
vulnerability VCID-erfv-zy2t-hfhz
5
vulnerability VCID-g6uy-ey69-93b8
6
vulnerability VCID-gn5u-gf3m-f3c1
7
vulnerability VCID-p225-18fx-d7gr
8
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.8.0
aliases CVE-2020-7676, GHSA-mhp6-pxh8-r675
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nch-3tex-67dc
5
url VCID-cy2q-mtff-5kg4
vulnerability_id VCID-cy2q-mtff-5kg4
summary 
Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of  Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .

This issue affects all versions of AngularJS.

Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see  here https://docs.angularjs.org/misc/version-support-status .
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8373.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8373.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8373
reference_id
reference_type
scores
0
value 0.00013
scoring_system epss
scoring_elements 0.02312
published_at 2026-06-14T12:55:00Z
1
value 0.00013
scoring_system epss
scoring_elements 0.02305
published_at 2026-06-13T12:55:00Z
2
value 0.00013
scoring_system epss
scoring_elements 0.0231
published_at 2026-06-12T12:55:00Z
3
value 0.00013
scoring_system epss
scoring_elements 0.02311
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8373
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8373
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8373
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
5
reference_url https://security.netapp.com/advisory/ntap-20241122-0003
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241122-0003
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088805
reference_id 1088805
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088805
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2310872
reference_id 2310872
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2310872
8
reference_url https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b
reference_id 8da9ce87e99403ee13a295c305ebfa0b
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:04:03Z/
url https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b
9
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-8373
reference_id cve-2024-8373
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:04:03Z/
url https://www.herodevs.com/vulnerability-directory/cve-2024-8373
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-8373
reference_id CVE-2024-8373
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-8373
11
reference_url https://github.com/advisories/GHSA-mqm9-c95h-x2p6
reference_id GHSA-mqm9-c95h-x2p6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqm9-c95h-x2p6
12
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2024-8373, GHSA-mqm9-c95h-x2p6
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy2q-mtff-5kg4
6
url VCID-erfv-zy2t-hfhz
vulnerability_id VCID-erfv-zy2t-hfhz
summary 
Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of  Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .

This issue affects AngularJS versions 1.3.0-rc.4 and greater.

Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see  here https://docs.angularjs.org/misc/version-support-status .
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8372.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-8372.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-8372
reference_id
reference_type
scores
0
value 0.00015
scoring_system epss
scoring_elements 0.03484
published_at 2026-06-14T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.0348
published_at 2026-06-12T12:55:00Z
2
value 0.00015
scoring_system epss
scoring_elements 0.0347
published_at 2026-06-13T12:55:00Z
3
value 0.00015
scoring_system epss
scoring_elements 0.03466
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-8372
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8372
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8372
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
5
reference_url https://security.netapp.com/advisory/ntap-20241122-0002
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20241122-0002
6
reference_url https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017
reference_id 0072e627abe03e9cda373bc75b4c1017
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:06:37Z/
url https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088804
reference_id 1088804
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088804
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2310871
reference_id 2310871
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2310871
9
reference_url https://www.herodevs.com/vulnerability-directory/cve-2024-8372
reference_id cve-2024-8372
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-09T15:06:37Z/
url https://www.herodevs.com/vulnerability-directory/cve-2024-8372
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-8372
reference_id CVE-2024-8372
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-8372
11
reference_url https://github.com/advisories/GHSA-m9gf-397r-hwpg
reference_id GHSA-m9gf-397r-hwpg
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-m9gf-397r-hwpg
12
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2024-8372, GHSA-m9gf-397r-hwpg
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erfv-zy2t-hfhz
7
url VCID-g6uy-ey69-93b8
vulnerability_id VCID-g6uy-ey69-93b8
summary All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25869.json
reference_id
reference_type
scores
0
value 4.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25869.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25869
reference_id
reference_type
scores
0
value 0.04265
scoring_system epss
scoring_elements 0.89107
published_at 2026-06-12T12:55:00Z
1
value 0.04265
scoring_system epss
scoring_elements 0.89069
published_at 2026-06-11T12:55:00Z
2
value 0.04265
scoring_system epss
scoring_elements 0.89114
published_at 2026-06-14T12:55:00Z
3
value 0.04265
scoring_system epss
scoring_elements 0.89115
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25869
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25869
3
reference_url https://glitch.com/edit/%23%21/angular-repro-textarea-xss
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://glitch.com/edit/%23%21/angular-repro-textarea-xss
4
reference_url https://neverendingsupport.github.io/angularjs-poc-cve-2022-25869
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://neverendingsupport.github.io/angularjs-poc-cve-2022-25869
5
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJS-10771617
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJS-10771617
6
reference_url https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJSCORE-6084031
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-DOTNET-ANGULARJSCORE-6084031
7
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783
8
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784
9
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782
10
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-2949781
11
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783
12
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784
13
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782
14
reference_url https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781
15
reference_url https://www.npmjs.com/package/angular
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/package/angular
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
reference_id 1036694
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362768
reference_id 2362768
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362768
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25869
reference_id CVE-2022-25869
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25869
19
reference_url https://github.com/advisories/GHSA-prc3-vjfx-vhm9
reference_id GHSA-prc3-vjfx-vhm9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-prc3-vjfx-vhm9
fixed_packages
aliases CVE-2022-25869, GHSA-prc3-vjfx-vhm9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g6uy-ey69-93b8
8
url VCID-gn5u-gf3m-f3c1
vulnerability_id VCID-gn5u-gf3m-f3c1
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26116.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26116.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26116
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50885
published_at 2026-06-11T12:55:00Z
1
value 0.00272
scoring_system epss
scoring_elements 0.5102
published_at 2026-06-14T12:55:00Z
2
value 0.00272
scoring_system epss
scoring_elements 0.51033
published_at 2026-06-13T12:55:00Z
3
value 0.00272
scoring_system epss
scoring_elements 0.51018
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26116
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26116
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
5
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26116
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26116
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
reference_id 1036694
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2183109
reference_id 2183109
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2183109
11
reference_url https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos
reference_id angularjs-vulnerability-angular-copy-redos
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos
12
reference_url https://github.com/advisories/GHSA-2vrf-hf26-jrp5
reference_id GHSA-2vrf-hf26-jrp5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2vrf-hf26-jrp5
13
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
reference_id OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
14
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320
reference_id SNYK-JAVA-ORGWEBJARSBOWER-5406320
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320
15
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322
reference_id SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322
16
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321
reference_id SNYK-JAVA-ORGWEBJARSNPM-5406321
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321
17
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
reference_id SNYK-JS-ANGULAR-3373044
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
reference_id UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:36:07Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
19
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2023-26116, GHSA-2vrf-hf26-jrp5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gn5u-gf3m-f3c1
9
url VCID-knpg-smez-63bc
vulnerability_id VCID-knpg-smez-63bc
summary 
Bypass CSP protection
, AngularJS allows bootstrapping of invalid/bad svg and currentScript if it was clobbered.
references
0
reference_url https://github.com/angular/angular.js/blob/master/CHANGELOG.md#bug-fixes-5
reference_id
reference_type
scores
url https://github.com/angular/angular.js/blob/master/CHANGELOG.md#bug-fixes-5
1
reference_url https://github.com/angular/angular.js/commit/95f964b827b6f5b5aab10af54f7831316c7a9935
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/95f964b827b6f5b5aab10af54f7831316c7a9935
2
reference_url https://github.com/angular/angular.js/commit/c8f78a8ca9debc33a6deaf951f344b8d372bf210
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/c8f78a8ca9debc33a6deaf951f344b8d372bf210
fixed_packages
0
url pkg:npm/angular@1.6.3
purl pkg:npm/angular@1.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-n4ww-dxd4-2udn
10
vulnerability VCID-npfb-rzhh-d7eg
11
vulnerability VCID-p225-18fx-d7gr
12
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.3
aliases GMS-2017-110
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-knpg-smez-63bc
10
url VCID-n4ww-dxd4-2udn
vulnerability_id VCID-n4ww-dxd4-2udn
summary 
Cross Site Scripting
On Firefox there is a XSS vulnerability if a malicious attacker can write into the `xml:base` attribute on an SVG anchor.
references
0
reference_url https://github.com/RetireJS/retire.js/commit/ed3512729af76583b28611a4a1b6a8797d7f074c#diff-8b52b7156debed9dd797400ff51e3e15
reference_id
reference_type
scores
url https://github.com/RetireJS/retire.js/commit/ed3512729af76583b28611a4a1b6a8797d7f074c#diff-8b52b7156debed9dd797400ff51e3e15
fixed_packages
0
url pkg:npm/angular@1.6.9
purl pkg:npm/angular@1.6.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5zzk-7d69-s7hn
1
vulnerability VCID-67hr-2fv8-ykcj
2
vulnerability VCID-758x-qqp7-2qah
3
vulnerability VCID-8nch-3tex-67dc
4
vulnerability VCID-cy2q-mtff-5kg4
5
vulnerability VCID-erfv-zy2t-hfhz
6
vulnerability VCID-g6uy-ey69-93b8
7
vulnerability VCID-gn5u-gf3m-f3c1
8
vulnerability VCID-npfb-rzhh-d7eg
9
vulnerability VCID-p225-18fx-d7gr
10
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.9
aliases GMS-2018-9
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n4ww-dxd4-2udn
11
url VCID-npfb-rzhh-d7eg
vulnerability_id VCID-npfb-rzhh-d7eg
summary XSS via JQLite DOM manipulation functions in AngularJS
references
0
reference_url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
reference_id
reference_type
scores
url https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/
1
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
2
reference_url https://snyk.io/vuln/SNYK-JS-ANGULAR-570058
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JS-ANGULAR-570058
3
reference_url https://github.com/advisories/GHSA-5cp4-xmrw-59wf
reference_id GHSA-5cp4-xmrw-59wf
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5cp4-xmrw-59wf
4
reference_url https://github.com/google/security-research/security/advisories/GHSA-5cp4-xmrw-59wf
reference_id GHSA-5cp4-xmrw-59wf
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/google/security-research/security/advisories/GHSA-5cp4-xmrw-59wf
5
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
reference_id GHSA-gxr4-xjj5-5px2
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/security/advisories/GHSA-gxr4-xjj5-5px2
6
reference_url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
reference_id GHSA-jpcq-cgw6-v4j6
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jquery/jquery/security/advisories/GHSA-jpcq-cgw6-v4j6
7
reference_url https://github.com/advisories/GHSA-mhp6-pxh8-r675
reference_id GHSA-mhp6-pxh8-r675
reference_type
scores
0
value 5.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mhp6-pxh8-r675
fixed_packages
0
url pkg:npm/angular@1.8.0
purl pkg:npm/angular@1.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4v93-h3e4-8ydq
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-758x-qqp7-2qah
3
vulnerability VCID-cy2q-mtff-5kg4
4
vulnerability VCID-erfv-zy2t-hfhz
5
vulnerability VCID-g6uy-ey69-93b8
6
vulnerability VCID-gn5u-gf3m-f3c1
7
vulnerability VCID-p225-18fx-d7gr
8
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.8.0
aliases GHSA-5cp4-xmrw-59wf, GMS-2020-703
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npfb-rzhh-d7eg
12
url VCID-p1jd-7g5e-cba6
vulnerability_id VCID-p1jd-7g5e-cba6
summary 
Denial of service in $sanitize
Running $sanitize on bad HTML can freeze the browser. The problem occurs with clobbered data; typically the "nextSibling" property on an element is changed to one of it's child node, this makes it impossible to walk the HTML tree and leads to an infinite loop which freezes the browser.
references
fixed_packages
0
url pkg:npm/angular@1.6.3
purl pkg:npm/angular@1.6.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-n4ww-dxd4-2udn
10
vulnerability VCID-npfb-rzhh-d7eg
11
vulnerability VCID-p225-18fx-d7gr
12
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.3
aliases GMS-2017-115
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p1jd-7g5e-cba6
13
url VCID-p225-18fx-d7gr
vulnerability_id VCID-p225-18fx-d7gr
summary 
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of  Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing  and also negatively affect the application's performance and behavior by using too large or slow-to-load images.

This issue affects all versions of AngularJS.

Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see  here https://docs.angularjs.org/misc/version-support-status .
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0716.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-0716.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-0716
reference_id
reference_type
scores
0
value 8e-05
scoring_system epss
scoring_elements 0.00821
published_at 2026-06-14T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00815
published_at 2026-06-12T12:55:00Z
2
value 8e-05
scoring_system epss
scoring_elements 0.00819
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-0716
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0716
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0716
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-0716
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-0716
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104485
reference_id 1104485
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104485
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2362958
reference_id 2362958
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2362958
8
reference_url https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915
reference_id a86a0d29310e12c7a3756768e6c7b915
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T18:33:33Z/
url https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915
9
reference_url https://www.herodevs.com/vulnerability-directory/cve-2025-0716
reference_id cve-2025-0716
reference_type
scores
0
value 4.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
1
value 2.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-29T18:33:33Z/
url https://www.herodevs.com/vulnerability-directory/cve-2025-0716
10
reference_url https://github.com/advisories/GHSA-j58c-ww9w-pwp5
reference_id GHSA-j58c-ww9w-pwp5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j58c-ww9w-pwp5
11
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2025-0716, GHSA-j58c-ww9w-pwp5
risk_score 2.1
exploitability 0.5
weighted_severity 4.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p225-18fx-d7gr
14
url VCID-sjvs-aer9-h3fx
vulnerability_id VCID-sjvs-aer9-h3fx
summary Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26117.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-26117.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-26117
reference_id
reference_type
scores
0
value 0.0025
scoring_system epss
scoring_elements 0.48696
published_at 2026-06-14T12:55:00Z
1
value 0.0025
scoring_system epss
scoring_elements 0.4871
published_at 2026-06-13T12:55:00Z
2
value 0.00272
scoring_system epss
scoring_elements 0.50885
published_at 2026-06-11T12:55:00Z
3
value 0.00272
scoring_system epss
scoring_elements 0.51018
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-26117
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26117
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26117
3
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
4
reference_url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2025/07/msg00005.html
5
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-26117
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-26117
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
reference_id 1036694
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036694
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2183108
reference_id 2183108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2183108
10
reference_url https://stackblitz.com/edit/angularjs-vulnerability-resource-trailing-slashes-redos
reference_id angularjs-vulnerability-resource-trailing-slashes-redos
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://stackblitz.com/edit/angularjs-vulnerability-resource-trailing-slashes-redos
11
reference_url https://github.com/advisories/GHSA-2qqx-w9hr-q5gx
reference_id GHSA-2qqx-w9hr-q5gx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2qqx-w9hr-q5gx
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
reference_id OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/
13
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406323
reference_id SNYK-JAVA-ORGWEBJARSBOWER-5406323
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406323
14
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325
reference_id SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325
15
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406324
reference_id SNYK-JAVA-ORGWEBJARSNPM-5406324
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406324
16
reference_url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
reference_id SNYK-JS-ANGULAR-3373045
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
reference_id UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-14T15:38:00Z/
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/
18
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
aliases CVE-2023-26117, GHSA-2qqx-w9hr-q5gx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjvs-aer9-h3fx
15
url VCID-ssaf-wq66-cubj
vulnerability_id VCID-ssaf-wq66-cubj
summary AngularJS Cross-site Scripting due to failure to sanitize `xlink.href` attributes
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14863.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14863.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14863
reference_id
reference_type
scores
0
value 0.00097
scoring_system epss
scoring_elements 0.2676
published_at 2026-06-11T12:55:00Z
1
value 0.00156
scoring_system epss
scoring_elements 0.36404
published_at 2026-06-14T12:55:00Z
2
value 0.00156
scoring_system epss
scoring_elements 0.36415
published_at 2026-06-13T12:55:00Z
3
value 0.00156
scoring_system epss
scoring_elements 0.36391
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14863
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14863
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14863
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14863
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14863
4
reference_url https://github.com/angular/angular.js
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js
5
reference_url https://github.com/angular/angular.js/commit/35a21532b73d5bd84b4325211c563e6a3e2dde82
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/commit/35a21532b73d5bd84b4325211c563e6a3e2dde82
6
reference_url https://github.com/angular/angular.js/commit/f33ce173c90736e349cf594df717ae3ee41e0f7a
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/commit/f33ce173c90736e349cf594df717ae3ee41e0f7a
7
reference_url https://github.com/angular/angular.js/pull/12524
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/pull/12524
8
reference_url https://snyk.io/vuln/npm:angular:20150807
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/npm:angular:20150807
9
reference_url https://www.npmjs.com/advisories/1453
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1453
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1763589
reference_id 1763589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1763589
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942833
reference_id 942833
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942833
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-14863
reference_id CVE-2019-14863
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-14863
13
reference_url https://github.com/advisories/GHSA-r5fx-8r73-v86c
reference_id GHSA-r5fx-8r73-v86c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r5fx-8r73-v86c
14
reference_url https://access.redhat.com/errata/RHSA-2019:4069
reference_id RHSA-2019:4069
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4069
15
reference_url https://access.redhat.com/errata/RHSA-2019:4071
reference_id RHSA-2019:4071
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:4071
16
reference_url https://usn.ubuntu.com/7958-1/
reference_id USN-7958-1
reference_type
scores
url https://usn.ubuntu.com/7958-1/
fixed_packages
0
url pkg:npm/angular@1.5.0-beta.1
purl pkg:npm/angular@1.5.0-beta.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.5.0-beta.1
1
url pkg:npm/angular@1.5.0-beta.2
purl pkg:npm/angular@1.5.0-beta.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-knpg-smez-63bc
10
vulnerability VCID-n4ww-dxd4-2udn
11
vulnerability VCID-npfb-rzhh-d7eg
12
vulnerability VCID-p1jd-7g5e-cba6
13
vulnerability VCID-p225-18fx-d7gr
14
vulnerability VCID-sjvs-aer9-h3fx
15
vulnerability VCID-xp29-gqf1-hyg6
16
vulnerability VCID-ybnx-xvb3-wkga
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.5.0-beta.2
aliases CVE-2019-14863, GHSA-r5fx-8r73-v86c
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ssaf-wq66-cubj
16
url VCID-xp29-gqf1-hyg6
vulnerability_id VCID-xp29-gqf1-hyg6
summary 
Bypass CSP protection
Extension URIs (`resource://...`) bypass ````Content-Security-Policy```` in Chrome and Firefox and can always be loaded. Now if a site already has a XSS bug, and uses CSP to protect itself, but the user has an extension installed that uses Angular, an attacked can load Angular from the extension, and Angular's auto-bootstrapping can be used to bypass the victim site's CSP protection.
references
0
reference_url https://github.com/angular/angular.js/commit/0ff10e1b56c6b7c4ac465e35c96a5886e294bac5
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/0ff10e1b56c6b7c4ac465e35c96a5886e294bac5
1
reference_url https://github.com/angular/angular.js/commit/6ce2913d99bb0dade6027ba9733295d0aa13b242
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/6ce2913d99bb0dade6027ba9733295d0aa13b242
2
reference_url https://github.com/angular/angular.js/commit/a649758655843275cc477fb638f8e55f72a4eaa6
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/a649758655843275cc477fb638f8e55f72a4eaa6
3
reference_url https://github.com/angular/angular.js/commit/ebe90051eda8a3328e5993cca1663e28d03113d0
reference_id
reference_type
scores
url https://github.com/angular/angular.js/commit/ebe90051eda8a3328e5993cca1663e28d03113d0
4
reference_url https://github.com/mozilla/addons-linter/issues/1000
reference_id
reference_type
scores
url https://github.com/mozilla/addons-linter/issues/1000
fixed_packages
0
url pkg:npm/angular@1.5.9
purl pkg:npm/angular@1.5.9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-knpg-smez-63bc
10
vulnerability VCID-n4ww-dxd4-2udn
11
vulnerability VCID-npfb-rzhh-d7eg
12
vulnerability VCID-p1jd-7g5e-cba6
13
vulnerability VCID-p225-18fx-d7gr
14
vulnerability VCID-sjvs-aer9-h3fx
15
vulnerability VCID-ybnx-xvb3-wkga
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.5.9
1
url pkg:npm/angular@1.6.0-rc.1
purl pkg:npm/angular@1.6.0-rc.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-knpg-smez-63bc
10
vulnerability VCID-n4ww-dxd4-2udn
11
vulnerability VCID-npfb-rzhh-d7eg
12
vulnerability VCID-p1jd-7g5e-cba6
13
vulnerability VCID-p225-18fx-d7gr
14
vulnerability VCID-sjvs-aer9-h3fx
15
vulnerability VCID-ybnx-xvb3-wkga
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.0-rc.1
2
url pkg:npm/angular@1.6.0
purl pkg:npm/angular@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-knpg-smez-63bc
10
vulnerability VCID-n4ww-dxd4-2udn
11
vulnerability VCID-npfb-rzhh-d7eg
12
vulnerability VCID-p1jd-7g5e-cba6
13
vulnerability VCID-p225-18fx-d7gr
14
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.0
aliases GMS-2016-73
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xp29-gqf1-hyg6
17
url VCID-ybnx-xvb3-wkga
vulnerability_id VCID-ybnx-xvb3-wkga
summary Cross-Site Scripting via JSONP
references
0
reference_url https://github.com/angular/angular.js/commit/6476af83cd0418c84e034a955b12a842794385c4
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/angular/angular.js/commit/6476af83cd0418c84e034a955b12a842794385c4
1
reference_url https://www.npmjs.com/advisories/1630
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.npmjs.com/advisories/1630
2
reference_url https://github.com/advisories/GHSA-28hp-fgcr-2r4h
reference_id GHSA-28hp-fgcr-2r4h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-28hp-fgcr-2r4h
fixed_packages
0
url pkg:npm/angular@1.6.0
purl pkg:npm/angular@1.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-55sp-gp98-23gr
1
vulnerability VCID-5zzk-7d69-s7hn
2
vulnerability VCID-67hr-2fv8-ykcj
3
vulnerability VCID-758x-qqp7-2qah
4
vulnerability VCID-8nch-3tex-67dc
5
vulnerability VCID-cy2q-mtff-5kg4
6
vulnerability VCID-erfv-zy2t-hfhz
7
vulnerability VCID-g6uy-ey69-93b8
8
vulnerability VCID-gn5u-gf3m-f3c1
9
vulnerability VCID-knpg-smez-63bc
10
vulnerability VCID-n4ww-dxd4-2udn
11
vulnerability VCID-npfb-rzhh-d7eg
12
vulnerability VCID-p1jd-7g5e-cba6
13
vulnerability VCID-p225-18fx-d7gr
14
vulnerability VCID-sjvs-aer9-h3fx
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/angular@1.6.0
aliases GHSA-28hp-fgcr-2r4h, GMS-2019-114
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ybnx-xvb3-wkga
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/angular@1.4.0-rc.1