codelyzer icon indicating copy to clipboard operation
codelyzer copied to clipboard

Published 20 hours ago verified publisher icon mgechev

Update Angular to resolve vulnerability CVE-2021-4231

Open NotTheSamAdamsGuy opened this issue 3 years ago • 3 comments

Versions of Angular < 11.0.5 have a cross-site scripting vulnerability as described at https://github.com/advisories/GHSA-c75v-2vq8-878f.

NotTheSamAdamsGuy avatar Aug 31 '22 18:08 NotTheSamAdamsGuy

same issue here due to the version 9.0.0 of @angular/core referenced in package.json any info about when the correction will be shipped ?

ahoss63 avatar Oct 11 '22 14:10 ahoss63

Same issue A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2

amanyzohair avatar Dec 11 '22 10:12 amanyzohair

If you install this dependency as a dev dependency is still a problem but not that important and as I understood should be always a dev dependency

jponce-meyler avatar Aug 17 '23 10:08 jponce-meyler