Red-Tech-Hub committed on
Commit
89a30f5
1 Parent(s): fed91b5

Delete data/CVE-Angular.csv

Files changed (1)
  1. data/CVE-Angular.csv +0 -38
data/CVE-Angular.csv DELETED
@@ -1,38 +0,0 @@
- "Name","Status","Description","References","Phase","Votes",
- CVE-2015-0167;Candidate;Cross-site scripting (XSS) vulnerability in textAngular-sanitize.js in textAngular before 1.3.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors to the editor.;CONFIRM:https://github.com/fraywing/textAngular/releases/tag/v1.3.7 | XF:textangular-cve20150167-xss(100929) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/100929;Assigned (20141118);None (candidate not yet proposed)
- CVE-2015-10035;Candidate;A vulnerability was found in gperson angular-test-reporter and classified as critical. This issue affects the function getProjectTables/addTest of the file rest-server/data-server.js. The manipulation leads to sql injection. The patch is named a29d8ae121b46ebfa96a55a9106466ab2ef166ae. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217715.;MISC:https://github.com/gperson/angular-test-reporter/commit/a29d8ae121b46ebfa96a55a9106466ab2ef166ae | URL:https://github.com/gperson/angular-test-reporter/commit/a29d8ae121b46ebfa96a55a9106466ab2ef166ae | MISC:https://vuldb.com/?ctiid.217715 | URL:https://vuldb.com/?ctiid.217715 | MISC:https://vuldb.com/?id.217715 | URL:https://vuldb.com/?id.217715;Assigned (20230109);None (candidate not yet proposed)
- CVE-2016-0926;Candidate;Cross-site scripting (XSS) vulnerability in Apps Manager in Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.6.32 and 1.7.x before 1.7.8 allows remote attackers to inject arbitrary web script or HTML via unspecified input that improperly interacts with the AngularJS framework.;BID:91677 | URL:http://www.securityfocus.com/bid/91677 | CONFIRM:https://pivotal.io/security/cve-2016-0926;Assigned (20151217);None (candidate not yet proposed)
- CVE-2016-10524;Candidate;i18n-node-angular is a module used to interact between i18n and angular without using additional resources. A REST API endpoint that is used for development in i18n-node-angular before 1.4.0 was not disabled in production environments a malicious user could fill up the server causing a Denial of Service or content injection.;MISC:https://github.com/oliversalzburg/i18n-node-angular/commit/877720d2d9bb90dc8233706e81ffa03f99fc9dc8 | MISC:https://nodesecurity.io/advisories/80;Assigned (20171029);None (candidate not yet proposed)
- CVE-2016-4428;Candidate;Cross-site scripting (XSS) vulnerability in OpenStack Dashboard (Horizon) 8.0.1 and earlier and 9.0.0 through 9.0.1 allows remote authenticated users to inject arbitrary web script or HTML by injecting an AngularJS template in a dashboard form.;MISC:DSA-3617 | URL:http://www.debian.org/security/2016/dsa-3617 | MISC:RHSA-2016:1268 | URL:https://access.redhat.com/errata/RHSA-2016:1268 | MISC:RHSA-2016:1269 | URL:https://access.redhat.com/errata/RHSA-2016:1269 | MISC:RHSA-2016:1270 | URL:https://access.redhat.com/errata/RHSA-2016:1270 | MISC:RHSA-2016:1271 | URL:https://access.redhat.com/errata/RHSA-2016:1271 | MISC:RHSA-2016:1272 | URL:https://access.redhat.com/errata/RHSA-2016:1272 | MISC:[oss-security] 20160617 [OSSA-2016-010] XSS in Horizon client side template (CVE-2016-4428) | URL:http://www.openwall.com/lists/oss-security/2016/06/17/4 | MISC:https://bugs.launchpad.net/horizon/+bug/1567673 | URL:https://bugs.launchpad.net/horizon/+bug/1567673 | MISC:https://review.openstack.org/329996 | URL:https://review.openstack.org/329996 | MISC:https://review.openstack.org/329997 | URL:https://review.openstack.org/329997 | MISC:https://review.openstack.org/329998 | URL:https://review.openstack.org/329998 | MISC:https://security.openstack.org/ossa/OSSA-2016-010.html | URL:https://security.openstack.org/ossa/OSSA-2016-010.html;Assigned (20160502);None (candidate not yet proposed)
- CVE-2017-12677;Candidate;IdentityServer3 2.4.x, 2.5.x, and 2.6.x before 2.6.1 has XSS in an Angular expression on the authorize response page, which might allow remote attackers to obtain sensitive information about the IdentityServer authorization response.;CONFIRM:https://github.com/IdentityServer/IdentityServer3/releases/tag/2.6.1;Assigned (20170807);None (candidate not yet proposed)
- CVE-2017-16009;Candidate;ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid.;MISC:https://github.com/ceolter/ag-grid/issues/1287 | MISC:https://nodesecurity.io/advisories/327 | MISC:https://spring.io/blog/2016/01/28/angularjs-escaping-the-expression-sandbox-for-xss;Assigned (20171029);None (candidate not yet proposed)
- CVE-2017-5246;Candidate;Biscom Secure File Transfer is vulnerable to AngularJS expression injection in the Display Name field. An authenticated user can populate this field with a valid AngularJS expression, wrapped in double curly-braces ({{ }}). This expression will be evaluated by any other authenticated user who views the attacker's display name. Affected versions are 5.0.0000 through 5.1.1026. The Issue is fixed in 5.1.1028.;CONFIRM:https://cve.biscom.com/bis-sft-cv-0004/ | MISC:https://twitter.com/i_bo0om/status/885050741567750145;Assigned (20170109);None (candidate not yet proposed)
- CVE-2018-11537;Candidate;Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.;CONFIRM:https://auth0.com/docs/security/bulletins/cve-2018-11537;Assigned (20180529);None (candidate not yet proposed)
- CVE-2018-13339;Candidate;Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.;MISC:https://github.com/TylerGarlick/angular-redactor/issues/77 | MISC:https://github.com/gleez/cms/issues/796;Assigned (20180705);None (candidate not yet proposed)
- CVE-2018-18064;Candidate;cairo through 1.15.14 has an out-of-bounds stack-memory write during processing of a crafted document by WebKitGTK+ because of the interaction between cairo-rectangular-scan-converter.c (the generate and render_rows functions) and cairo-image-compositor.c (the _cairo_image_spans_and_zero function).;MISC:https://gitlab.freedesktop.org/cairo/cairo/issues/341 | MLIST:[mina-dev] 20210225 [jira] [Created] (FTPSERVER-500) Security vulnerability in common/lib/log4j-1.2.17.jar | URL:https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E;Assigned (20181008);None (candidate not yet proposed)
- CVE-2018-3713;Candidate;angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path.;MISC:https://hackerone.com/reports/309120;Assigned (20171228);None (candidate not yet proposed)
- CVE-2019-10768;Candidate;In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.;MISC:https://snyk.io/vuln/SNYK-JS-ANGULAR-534884 | MLIST:[nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rca37935d661f4689cb4119f1b3b224413b22be161b678e6e6ce0c69b@%3Ccommits.nifi.apache.org%3E;Assigned (20190403);None (candidate not yet proposed)
- CVE-2019-11354;Candidate;The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows template injection in the title parameter of the Origin2 URI handler. This can be used to escape the underlying AngularJS sandbox and achieve remote code execution via an origin2://game/launch URL for QtApplication QDesktopServices communication.;MISC:http://gamasutra.com/view/news/340907/A_nowfixed_Origin_vulnerability_potentially_opened_the_client_to_hackers.php | MISC:http://packetstormsecurity.com/files/153375/dotProject-2.1.9-SQL-Injection.html | MISC:http://packetstormsecurity.com/files/153485/EA-Origin-Template-Injection-Remote-Code-Execution.html | MISC:https://blog.underdogsecurity.com/rce_in_origin_client/ | MISC:https://gizmodo.com/ea-origin-users-update-your-client-now-1834079604 | MISC:https://techcrunch.com/2019/04/16/ea-origin-bug-exposed-hackers/ | MISC:https://www.golem.de/news/sicherheitsluecke-ea-origin-fuehrte-schadcode-per-link-aus-1904-140738.html | MISC:https://www.pcmag.com/news/367801/security-flaw-allowed-any-app-to-run-using-eas-origin-clien | MISC:https://www.techradar.com/news/major-security-flaw-found-in-ea-origin-gaming-client | MISC:https://www.thesun.co.uk/tech/8877334/sims-4-battlefield-fifa-origin-hackers/ | MISC:https://www.trustedreviews.com/news/time-update-origin-eas-game-client-security-risk-just-installed-3697942 | MISC:https://www.vg247.com/2019/04/17/ea-origin-security-flaw-run-malicious-code-fixed/;Assigned (20190419);None (candidate not yet proposed)
- CVE-2019-14863;Candidate;There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.;CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14863 | MISC:https://snyk.io/vuln/npm:angular:20150807;Assigned (20190810);None (candidate not yet proposed)
- CVE-2019-17125;Candidate;A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS.;CONFIRM:https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1 | MISC:https://support.solarwinds.com/SuccessCenter/s/orion-platform;Assigned (20191004);None (candidate not yet proposed)
- CVE-2019-17127;Candidate;A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation.;CONFIRM:https://support.solarwinds.com/SuccessCenter/s/article/Orion-Platform-2019-4-Hotfix-3?ui-force-components-controllers-recordGlobalValueProvider.RecordGvp.getRecord=1&r=116&ui-knowledge-components-aura-actions.KnowledgeArticleVersionCreateDraftFromOnlineAction.createDraftFromOnlineArticle=1 | MISC:https://support.solarwinds.com/SuccessCenter/s/orion-platform;Assigned (20191004);None (candidate not yet proposed)
- CVE-2020-5219;Candidate;Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the application code calls expressions.compile(userControlledInput). If running angular-expressions on the server, an attacker could run any Javascript expression, thus gaining Remote Code Execution.;CONFIRM:https://github.com/peerigon/angular-expressions/security/advisories/GHSA-hxhm-96pp-2m43 | MISC:http://blog.angularjs.org/2016/09/angular-16-expression-sandbox-removal.html | MISC:https://github.com/peerigon/angular-expressions/commit/061addfb9a9e932a970e5fcb913d020038e65667;Assigned (20200102);None (candidate not yet proposed)
- CVE-2020-6200;Candidate;The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811, is vulnerable to client-side angularjs template injection, a variant of Cross-Site-Scripting (XSS) that exploits the templating facilities of the angular framework.;MISC:https://launchpad.support.sap.com/#/notes/2876413 | MISC:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=540935305;Assigned (20200108);None (candidate not yet proposed)
- CVE-2020-7676;Candidate;"angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping ""<option>"" elements in ""<select>"" ones changes parsing behavior, leading to possibly unsanitizing code.";MISC:https://github.com/angular/angular.js/pull/17028, | MISC:https://snyk.io/vuln/SNYK-JS-ANGULAR-570058 | MLIST:[hadoop-ozone-commits] 20201008 [hadoop-ozone] branch master updated: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 (#1481) | URL:https://lists.apache.org/thread.html/r80f210a5f4833d59c5d3de17dd7312f9daba0765ec7d4052469f13f1@%3Cozone-commits.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201006 [GitHub] [hadoop-ozone] dineshchitlangia commented on a change in pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r79e3feaaf87b81e80da0e17a579015f6dcb94c95551ced398d50c8d7@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201006 [GitHub] [hadoop-ozone] vivekratnavel opened a new pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r57383582dcad2305430321589dfaca6793f5174c55da6ce8d06fbf9b@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201006 [jira] [Created] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r198985c02829ba8285ed4f9b1de54a33b5f31b08bb38ac51fc86961b@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201006 [jira] [Updated] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r3f05cfd587c774ea83c18e59eda9fa37fa9bbf3421484d4ee1017a20@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201007 [GitHub] [hadoop-ozone] vivekratnavel commented on pull request #1481: HDDS-4316. 
Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r455ebd83a1c69ae8fd897560534a079c70a483dbe1e75504f1ca499b@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201008 [GitHub] [hadoop-ozone] adoroszlai merged pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/r446c297cd6cda2bd7e345c9b0741d7f611df89902e5d515848c6f4b1@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201008 [jira] [Updated] (HDDS-4316) Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/rb6423268b25db0f800359986867648e11dbd38e133b9383e85067f02@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[hadoop-ozone-issues] 20201009 [GitHub] [hadoop-ozone] adoroszlai merged pull request #1481: HDDS-4316. Upgrade to angular 1.8.0 due to CVE-2020-7676 | URL:https://lists.apache.org/thread.html/rfa2b19d01d10a8637dc319a7d5994c3dbdb88c0a8f9a21533403577a@%3Cozone-issues.hadoop.apache.org%3E | MLIST:[nifi-commits] 20200930 svn commit: r1882168 - /nifi/site/trunk/security.html | URL:https://lists.apache.org/thread.html/rda99599896c3667f2cc9e9d34c7b6ef5d2bbed1f4801e1d75a2b0679@%3Ccommits.nifi.apache.org%3E;Assigned (20200121);None (candidate not yet proposed)
- CVE-2021-21277;Candidate;"angular-expressions is ""angular's nicest part extracted as a standalone module for the browser and node"". In angular-expressions before version 1.1.2 there is a vulnerability which allows Remote Code Execution if you call ""expressions.compile(userControlledInput)"" where ""userControlledInput"" is text that comes from user input. The security of the package could be bypassed by using a more complex payload, using a "".constructor.constructor"" technique. In terms of impact: If running angular-expressions in the browser, an attacker could run any browser script when the application code calls expressions.compile(userControlledInput). If running angular-expressions on the server, an attacker could run any Javascript expression, thus gaining Remote Code Execution. This is fixed in version 1.1.2 of angular-expressions A temporary workaround might be either to disable user-controlled input that will be fed into angular-expressions in your application or allow only following characters in the userControlledInput.";CONFIRM:https://github.com/peerigon/angular-expressions/security/advisories/GHSA-j6px-jwvv-vpwq | URL:https://github.com/peerigon/angular-expressions/security/advisories/GHSA-j6px-jwvv-vpwq | MISC:http://blog.angularjs.org/2016/09/angular-16-expression-sandbox-removal.html | URL:http://blog.angularjs.org/2016/09/angular-16-expression-sandbox-removal.html | MISC:https://github.com/peerigon/angular-expressions/commit/07edb62902b1f6127b3dcc013da61c6316dd0bf1 | URL:https://github.com/peerigon/angular-expressions/commit/07edb62902b1f6127b3dcc013da61c6316dd0bf1 | MISC:https://www.npmjs.com/package/angular-expressions | URL:https://www.npmjs.com/package/angular-expressions;Assigned (20201222);None (candidate not yet proposed)
- CVE-2021-29551;Candidate;TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.;CONFIRM:https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vqw6-72r7-fgw7 | URL:https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vqw6-72r7-fgw7 | MISC:https://github.com/tensorflow/tensorflow/commit/480641e3599775a8895254ffbc0fc45621334f68 | URL:https://github.com/tensorflow/tensorflow/commit/480641e3599775a8895254ffbc0fc45621334f68;Assigned (20210330);None (candidate not yet proposed)
- CVE-2021-29612;Candidate;TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in Eigen implementation of `tf.raw_ops.BandedTriangularSolve`. The implementation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L269-L278) calls `ValidateInputTensors` for input validation but fails to validate that the two tensors are not empty. Furthermore, since `OP_REQUIRES` macro only stops execution of current function after setting `ctx->status()` to a non-OK value, callers of helper functions that use `OP_REQUIRES` must check value of `ctx->status()` before continuing. This doesn't happen in this op's implementation(https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L219), hence the validation that is present is also not effective. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.;CONFIRM:https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2xgj-xhgf-ggjv | URL:https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2xgj-xhgf-ggjv | MISC:https://github.com/tensorflow/tensorflow/commit/0ab290774f91a23bebe30a358fde4e53ab4876a0 | URL:https://github.com/tensorflow/tensorflow/commit/0ab290774f91a23bebe30a358fde4e53ab4876a0 | MISC:https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2 | URL:https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2;Assigned (20210330);None (candidate not yet proposed)
- CVE-2021-32816;Candidate;ProtonMail Web Client is the official AngularJS web client for the ProtonMail secure email service. ProtonMail Web Client before version 3.16.60 has a regular expression denial-of-service vulnerability. This was fixed in commit 6687fb. There is a full report available in the referenced GHSL-2021-027.;CONFIRM:https://securitylab.github.com/advisories/GHSL-2021-027-redos-ProtonMail/ | URL:https://securitylab.github.com/advisories/GHSL-2021-027-redos-ProtonMail/ | MISC:https://github.com/ProtonMail/WebClient/commit/6687fbb867ef872c96cf4fde68cb6e9c58d3fddc | URL:https://github.com/ProtonMail/WebClient/commit/6687fbb867ef872c96cf4fde68cb6e9c58d3fddc;Assigned (20210512);None (candidate not yet proposed)
- CVE-2021-32854;Candidate;textAngular is a text editor for Angular.js. Version 1.5.16 and prior are vulnerable to copy-paste cross-site scripting (XSS). For this particular type of XSS, the victim needs to be fooled into copying a malicious payload into the text editor. There are no known patches.;CONFIRM:https://securitylab.github.com/advisories/GHSL-2021-1001-textAngular/ | URL:https://securitylab.github.com/advisories/GHSL-2021-1001-textAngular/;Assigned (20210512);None (candidate not yet proposed)
- CVE-2021-41174;Candidate;"Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The url has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(&#8216;alert(1)&#8217;)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block access to block the literal string {{ in the path.";CONFIRM:https://security.netapp.com/advisory/ntap-20211125-0003/ | CONFIRM:https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8 | URL:https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8 | MISC:https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912 | URL:https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912 | MISC:https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82 | URL:https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82 | MISC:https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88 | URL:https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88;Assigned (20210915);None (candidate not yet proposed)
- CVE-2021-4231;Candidate;A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 11.0.5 and 11.1.0-next.3 is able to address this issue. The name of the patch is ba8da742e3b243e8f43d4c63aa842b44e14f2b09. It is recommended to upgrade the affected component.;MISC:https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09 | URL:https://github.com/angular/angular/commit/ba8da742e3b243e8f43d4c63aa842b44e14f2b09 | MISC:https://github.com/angular/angular/issues/40136 | URL:https://github.com/angular/angular/issues/40136 | MISC:https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902 | URL:https://security.snyk.io/vuln/SNYK-JS-ANGULARCORE-1070902 | MISC:https://vuldb.com/?id.181356 | URL:https://vuldb.com/?id.181356;Assigned (20220526);None (candidate not yet proposed)
- CVE-2022-25844;Candidate;The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1) This package has been deprecated and is no longer maintained. 2) The vulnerable versions are 1.7.0 and higher.;CONFIRM:https://security.netapp.com/advisory/ntap-20220629-0009/ | FEDORA:FEDORA-2022-e016e6f445 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WUSPYOTOMAZPDEFPWPSCSPMNODRDKK3/ | FEDORA:FEDORA-2022-edf635cf39 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LNAKCNTVBIHWAUT3FKWV5N67PQXSZOO/ | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2772736 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2772736 | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2772738 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2772738 | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2772737 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2772737 | MISC:https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 | URL:https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 | MISC:https://stackblitz.com/edit/angularjs-material-blank-zvtdvb | URL:https://stackblitz.com/edit/angularjs-material-blank-zvtdvb;Assigned (20220224);None (candidate not yet proposed)
- CVE-2022-25869;Candidate;All versions of package angular are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of <textarea> elements.;MISC:https://glitch.com/edit/%23%21/angular-repro-textarea-xss | URL:https://glitch.com/edit/%23%21/angular-repro-textarea-xss | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-2949783 | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-2949784 | MISC:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782 | URL:https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2949782 | MISC:https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781 | URL:https://snyk.io/vuln/SNYK-JS-ANGULAR-2949781;Assigned (20220224);None (candidate not yet proposed)
- CVE-2022-27665;Candidate;Reflected XSS (via AngularJS sandbox escape expressions) exists in Progress Ipswitch WS_FTP Server 8.6.0. This can lead to execution of malicious code and commands on the client due to improper handling of user-provided input. By inputting malicious payloads in the subdirectory searchbar or Add folder filename boxes, it is possible to execute client-side commands. For example, there is Client-Side Template Injection via subFolderPath to the ThinClient/WtmApiService.asmx/GetFileSubTree URI.;MISC:https://community.progress.com/s/article/WS-FTP-Server-Critical-Vulnerability-September-2023 | MISC:https://docs.ipswitch.com/WS_FTP_Server2020/ReleaseNotes/index.htm | MISC:https://github.com/dievus/CVE-2022-27665;Assigned (20220323);None (candidate not yet proposed)
- CVE-2023-26116;Candidate;Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.;FEDORA:FEDORA-2023-035866b576 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/ | FEDORA:FEDORA-2023-7342330743 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/ | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406320 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406322 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406321 | MISC:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044 | URL:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044 | MISC:https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos | URL:https://stackblitz.com/edit/angularjs-vulnerability-angular-copy-redos;Assigned (20230220);None (candidate not yet proposed)
- CVE-2023-26117;Candidate;Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.;FEDORA:FEDORA-2023-035866b576 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/ | FEDORA:FEDORA-2023-7342330743 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/ | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406323 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406323 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406325 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406324 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406324 | MISC:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045 | URL:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045 | MISC:https://stackblitz.com/edit/angularjs-vulnerability-resource-trailing-slashes-redos | URL:https://stackblitz.com/edit/angularjs-vulnerability-resource-trailing-slashes-redos;Assigned (20230220);None (candidate not yet proposed)
- CVE-2023-26118;Candidate;"Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type=""url""> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking.";FEDORA:FEDORA-2023-035866b576 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UDKFLKJ6VZKL52AFVW2OVZRMJWHMW55K/ | FEDORA:FEDORA-2023-7342330743 | URL:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OQWJLE5WE33WNMA54XSJIDXBRK2KL3XJ/ | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406326 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-5406326 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBANGULAR-5406328 | MISC:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406327 | URL:https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-5406327 | MISC:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046 | URL:https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373046 | MISC:https://stackblitz.com/edit/angularjs-vulnerability-inpur-url-validation-redos | URL:https://stackblitz.com/edit/angularjs-vulnerability-inpur-url-validation-redos;Assigned (20230220);None (candidate not yet proposed)
- CVE-2023-26270;Candidate;IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119.;MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/248119 | MISC:https://www.ibm.com/support/pages/node/6995161 | URL:https://www.ibm.com/support/pages/node/6995161;Assigned (20230221);None (candidate not yet proposed)
- CVE-2023-28444;Candidate;angular-server-side-configuration helps configure an angular application at runtime on the server or in a docker container via environment variables. angular-server-side-configuration detects used environment variables in TypeScript (.ts) files during build time of an Angular CLI project. The detected environment variables are written to a ngssc.json file in the output directory. During deployment of an Angular based app, the environment variables based on the variables from ngssc.json are inserted into the apps index.html (or defined index file). With version 15.0.0 the environment variable detection was widened to the entire project, relative to the angular.json file from the Angular CLI. In a monorepo setup, this could lead to environment variables intended for a backend/service to be detected and written to the ngssc.json, which would then be populated and exposed via index.html. This has NO IMPACT, in a plain Angular project that has no backend component. This vulnerability has been mitigated in version 15.1.0, by adding an option `searchPattern` which restricts the detection file range by default. As a workaround, manually edit or create ngssc.json or run script after ngssc.json generation.;MISC:https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86 | URL:https://github.com/kyubisation/angular-server-side-configuration/commit/d701f51260637a84ede278e248934e0437a7ff86 | MISC:https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0 | URL:https://github.com/kyubisation/angular-server-side-configuration/releases/tag/v15.1.0 | MISC:https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5 | URL:https://github.com/kyubisation/angular-server-side-configuration/security/advisories/GHSA-gwvm-vrp4-4pp5;Assigned (20230315);None (candidate not yet proposed)
- CVE-2023-34840;Candidate;angular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability.;MISC:http://alexcrack.com | MISC:https://github.com/Xh4H/CVE-2023-34840 | MISC:https://github.com/alexcrack/angular-ui-notification;Assigned (20230607);None (candidate not yet proposed)
- CVE-2023-40311;Candidate;Multiple stored XSS were found on different JSP files with unsanitized parameters in OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2 on multiple platforms that allow an attacker to store on database and then load on JSPs or Angular templates. The solution is to upgrade to Meridian 2023.1.6, 2022.1.19, 2021.1.30, 2020.1.38 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Jordi Miralles Comins for reporting this issue.;MISC:https://github.com/OpenNMS/opennms | URL:https://github.com/OpenNMS/opennms | MISC:https://github.com/OpenNMS/opennms/pull/6365 | URL:https://github.com/OpenNMS/opennms/pull/6365 | MISC:https://github.com/OpenNMS/opennms/pull/6366 | URL:https://github.com/OpenNMS/opennms/pull/6366;Assigned (20230814);None (candidate not yet proposed)
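Review bot: Deleting the whole file discards the five records shown here (CVE-2023-26117 through CVE-2023-40311) together with all of their reference URLs, and the commit gives neither a reason nor a destination; if the data is being relocated or regenerated, the commit message should say where, and if it is being dropped for quality reasons, the defects visible in these rows are fixable in place rather than by removal: every MISC reference is repeated verbatim as a URL entry, the CVE-2023-26118 row is the only one wrapped in outer double quotes (with doubled inner quotes), and the CVE-2023-26270 description carries an unbalanced closing parenthesis in `(IBM Guardium Cloud Key Manager (GCKM) 1.10.3))`. Whatever replaces this file should also document that the record delimiter is `;`, not `,`, so downstream parsers do not silently split on the wrong character.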