Google Angularjs vulnerabilities
5 known vulnerabilities affecting google/angularjs.
Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM5
Vulnerabilities
Page 1 of 1
CVE-2025-4690MEDIUMCVSS 4.3v>=0.0.02025-08-19
CVE-2025-4690 [MEDIUM] CWE-1333 CVE-2025-4690: A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/link
A regular expression used by AngularJS' linky https://docs.angularjs.org/api/ngSanitize/filter/linky filter to detect URLs in input text is vulnerable to super-linear runtime due to backtracking. With a large carefully-crafted input, this can cause a
Regular expression Denial of Service (ReDoS) https://owasp.org/www-community/attacks/Regular_express
cvelistv5nvd
CVE-2025-2336MEDIUMCVSS 4.8v>=1.3.12025-06-04
CVE-2025-2336 [MEDIUM] CWE-791 CVE-2025-2336: Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elemen
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS's 'ngSanitize' module allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing and also negatively affect the application's performance and
cvelistv5nvd
CVE-2025-0716MEDIUMCVSS 4.8v>=0.0.02025-04-29
CVE-2025-0716 [MEDIUM] CWE-791 CVE-2025-0716: Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elemen
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing and also negatively affect the application's performance and behavior by using too
cvelistv5nvd
CVE-2024-8373MEDIUMCVSS 4.3v>=0.0.02024-09-09
CVE-2024-8373 [MEDIUM] CWE-791 CVE-2024-8373: Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS
Improper sanitization of the value of the [srcset] attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .
This issue affects all versions of AngularJS.
Note:
The AngularJS project is End-of-Life an
cvelistv5nvd
CVE-2024-8372MEDIUMCVSS 4.3v>=1.3.0-rc.42024-09-09
CVE-2024-8372 [MEDIUM] CWE-1289 CVE-2024-8372: Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass
Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .
This issue affects AngularJS versions 1.3.0-rc.4 and greater.
Note:
The AngularJS project is End-of-Life a
cvelistv5nvd