VYPR

npm package

@angular/common

pkg:npm/%40angular/common

Vulnerabilities (1)

  • CVE-2025-66035HigNov 26, 2025
    affected >= 21.0.0-next.0, < 21.0.1fixed 21.0.1

    Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.16, 20.3.14, and 21.0.1, there is a XSRF token leakage via protocol-relative URLs in angular HTTP clients. The vulnerability