Search...
Toggle theme

Vulnerabilities Fixed in NES

Resolved vulnerabilities since AngularJS reached End-of-Life (EOL)

Since AngularJS reached End-of-Life (EOL) on December 31, 2021, a number of vulnerabilities have been fixed in AngularJS NES and AngularJS 1.5 NES, including some newly disclosed CVEs:

  • CVE-2024-8373 - HeroDevs discovered the vulnerability during our routine scans and analysis and disclosed this Medium Severity CVE. Prior to this CVE being published, HeroDevs provided a fix in AngularJS NES versions 1.9.6 and 1.5.22 and notified our AngularJS announcement lists.
  • CVE-2024-8372 - HeroDevs discovered the vulnerability during our routine scans and analysis and disclosed this Medium Severity CVE. Prior to this CVE being published, HeroDevs provided a fix in AngularJS NES versions 1.9.6 and 1.5.22 and notified our AngularJS announcement lists.
  • CVE-2024-21490 - XLTS.dev discovered this vulnerability during our routine scans and analysis. We disclosed this High Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS version 1.9.3 and 1.5.19 and notified our AngularJS announcement lists.
  • CVE-2023-26118 - XLTS.dev discovered this vulnerability during our routine scans and analysis. We disclosed this Medium Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS version 1.9.1 and 1.5.17 and notified our AngularJS announcement lists.
  • CVE-2023-26117 - XLTS.dev discovered this vulnerability during our routine scans and analysis. We disclosed this Medium Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS version 1.9.1 and 1.5.17 and notified our AngularJS announcement lists.
  • CVE-2023-26116 - XLTS.dev discovered this vulnerability during our routine scans and analysis. We disclosed this Medium Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS version 1.9.1 and 1.5.17 and notified our AngularJS announcement lists.
  • CVE-2022-25869 - XLTS.dev discovered this vulnerability during our routine cross-browser End-To-End testing automation. We disclosed this Medium Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS versions 1.9.0 and 1.5.16 and notified our AngularJS announcement lists.
  • CVE-2022-25844 - XLTS.dev discovered this vulnerability during our routine scans and analysis. We disclosed this Medium Severity CVE through Snyk. Prior to this CVE being published, XLTS.dev provided a fix in XLTS for AngularJS version 1.8.8 and notified our AngularJS announcement lists.
  • SNYK-JS-ANGULAR-572020 - This High Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.13.
  • CVE-2020-7676 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.13.
  • CVE-2019-10768 - This High Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.14.
  • SNYK-JS-ANGULAR-471885 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.14.
  • SNYK-JS-ANGULAR-471882 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.14.
  • SNYK-JS-ANGULAR-471879 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.15.
  • npm:angular:20180202 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.14.
  • npm:angular:20171018 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.13.
  • npm:angular:20150315 - This Medium Severity vulnerability had already been fixed in AngularJS 1.8.x before reaching End-of-Life, but not in version 1.5.x. XLTS.dev backported the fix and released it in XLTS for AngularJS version 1.5.15.

For a full list of known vulnerabilities in AngularJS (including those impacting older versions of AngularJS), you can visit the AngularJS vulnerabilities page on Snyk.

Types of Fixes
Can you provide detail on the kind of fixes included?
Configuring from XLTS
How do I configure AngularJS if I was an XLTS customer?