CPE-A3A80824-A8DB-4B83-B397-0B516270823E Detail

CPE Details

AngularJS 1.3.0 Beta 6

Vendor

angularjs

Product

angular.js

Version

1.3.0

Created

2019-12-05
19h06 +00:00

Modified

2019-12-05
19h06 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:angularjs:angular.js:1.3.0:beta6::::::

Informations

Vendor

angularjs

Product

angular.js

Version

1.3.0

Update

beta6

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2024-8373	2024-09-09 14h48 +00:00	Improper sanitization of the value of the [srcset] attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing . This issue affects all versions of AngularJS. Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .	4.8	Medium
CVE-2024-21490	2024-02-10 05h00 +00:00	This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to super-linear runtime due to backtracking. With large carefully-crafted input, this can result in catastrophic backtracking and cause a denial of service. Note: This package is EOL and will not receive any updates to address this issue. Users should migrate to [@angular/core](https://www.npmjs.com/package/@angular/core).	7.5	High
CVE-2020-7676	2020-06-08 11h34 +00:00	angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "	5.4	Medium
CVE-2019-14863	2020-01-02 13h20 +00:00	There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.	6.1	Medium
CVE-2019-10768	2019-11-19 19h07 +00:00	In AngularJS before 1.7.9 the function `merge()` could be tricked into adding or modifying properties of `Object.prototype` using a `__proto__` payload.	7.5	High

AngularJS 1.3.0 Beta 6

CPE Details

CPE Name: cpe:2.3:a:angularjs:angular.js:1.3.0:beta6:*:*:*:*:*:*

Informations

Vendor

Product

Version

Update

Related CVE

CPE Name: cpe:2.3:a:angularjs:angular.js:1.3.0:beta6::::::