VYPR
Moderate severityNVD Advisory· Published Jan 2, 2020· Updated Aug 5, 2024

CVE-2019-14863

CVE-2019-14863

Description

There is a vulnerability in all angular versions before 1.5.0-beta.0, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
angularnpm
< 1.5.0-beta.11.5.0-beta.1

Affected products

2
  • ghsa-coords
    Range: < 1.5.0-beta.1
  • Red Hat/angular:v5
    Range: all angular versions before 1.5.0-beta.0

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.