CVE-2024-54152
- EPSS 15.82%
- Veröffentlicht 10.12.2024 16:15:23
- Zuletzt bearbeitet 10.12.2024 16:15:23
Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. With a more compl...
CVE-2021-21277
- EPSS 0.32%
- Veröffentlicht 01.02.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:47:54
angular-expressions is "angular's nicest part extracted as a standalone module for the browser and node". In angular-expressions before version 1.1.2 there is a vulnerability which allows Remote Code Execution if you call "expressions.compile(userCon...
CVE-2020-5219
- EPSS 0.63%
- Veröffentlicht 24.01.2020 16:15:11
- Zuletzt bearbeitet 21.11.2024 05:33:42
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an at...