VYPR

apk package

chainguard/solr-oci-compat

pkg:apk/chainguard/solr-oci-compat

Vulnerabilities (24)

  • CVE-2023-26117Mar 30, 2023
    affected < 9.9.0-r3fixed 9.9.0-r3

    Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage of an insecure regular expression. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result i

  • CVE-2022-25869Jul 15, 2022
    affected < 9.8.1-r0fixed 9.8.1-r0

    All versions of the package angular; all versions of the package angularjs.core; all versions of the package angularjs are vulnerable to Cross-site Scripting (XSS) due to insecure page caching in the Internet Explorer browser, which allows interpolation of elements.

  • CVE-2021-4231May 26, 2022
    affected < 9.7.0-r1fixed 9.7.0-r1

    A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first.

  • CVE-2022-25844May 1, 2022
    affected < 9.9.0-r3fixed 9.9.0-r3

    The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat() of NUMBER_FORMATS.PATTERNS[1].posPre with a very high value. **Note:** 1) This p

Page 2 of 2