Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Angularjs Subscribe
Filtered by product Angular.js
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-10768 1 Angularjs 1 Angular.js 2022-12-02 5.0 MEDIUM 7.5 HIGH
In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.
CVE-2020-7676 1 Angularjs 1 Angular.js 2020-10-09 3.5 LOW 5.4 MEDIUM
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.
CVE-2019-14863 2 Angularjs, Redhat 3 Angular.js, Decision Manager, Process Automation 2020-01-09 4.3 MEDIUM 6.1 MEDIUM
There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.