Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass com

Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restricti

This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive i

Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url

Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource servic

Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy()

All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnera

A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling o

The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule t

angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanit

There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the

In AngularJS before 1.7.9 the function merge() could be tricked into adding or modifying properties of Object.prototype using