We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.5.11.tgz
Path to dependency file: /package.json
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.5.11-136e8acd47-10.zip
Dependency Hierarchy:
Library home page: https://registry.npmjs.org/angular/-/angular-1.8.3.tgz
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.8.3-0e5e833690-10.zip
Library home page: https://registry.npmjs.org/angular/-/angular-1.6.10.tgz
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.6.10-36c4afca0d-10.zip
Found in HEAD commit: d87706978173ac6516da5e83374518c21263b77b
Found in base branch: master
Improper sanitization of the value of the [srcset] attribute in HTML elements in AngularJS allows attackers to bypass common image source restrictions, which can also lead to a form of Content Spoofing https://owasp.org/www-community/attacks/Content_Spoofing .
This issue affects all versions of AngularJS.
Note: The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Publish Date: 2024-09-09
URL: CVE-2024-8373
Base Score Metrics:
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered:
No branches or pull requests
CVE-2024-8373 - Medium Severity Vulnerability
Vulnerable Libraries - angular-1.5.11.tgz, angular-1.8.3.tgz, angular-1.6.10.tgz
angular-1.5.11.tgz
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.5.11.tgz
Path to dependency file: /package.json
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.5.11-136e8acd47-10.zip
Dependency Hierarchy:
angular-1.8.3.tgz
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.8.3.tgz
Path to dependency file: /package.json
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.8.3-0e5e833690-10.zip
Dependency Hierarchy:
angular-1.6.10.tgz
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.6.10.tgz
Path to dependency file: /package.json
Path to vulnerable library: /home/wss-scanner/.yarn/berry/cache/angular-npm-1.6.10-36c4afca0d-10.zip
Dependency Hierarchy:
Found in HEAD commit: d87706978173ac6516da5e83374518c21263b77b
Found in base branch: master
Vulnerability Details
Improper sanitization of the value of the [srcset] attribute in
This issue affects all versions of AngularJS.
Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see here https://docs.angularjs.org/misc/version-support-status .
Publish Date: 2024-09-09
URL: CVE-2024-8373
CVSS 3 Score Details (4.8)
Base Score Metrics:
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: