npm package
@angular/platform-server
pkg:npm/%40angular/platform-server
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-41423 | Med | 5.3 | >= 22.0.0-next.0, < 22.0.0-next.8 | 22.0.0-next.8 | May 8, 2026 | Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.21, 20.3.19, 21.2.9, and 22.0.0-next.8, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server | |
| CVE-2025-59052 | Hig | — | >= 16.0.0-next.0, < 18.2.14 | 18.2.14 | Sep 10, 2025 | Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For historical reasons, the conta |
- affected >= 22.0.0-next.0, < 22.0.0-next.8fixed 22.0.0-next.8
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to versions 19.2.21, 20.3.19, 21.2.9, and 22.0.0-next.8, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server
- affected >= 16.0.0-next.0, < 18.2.14fixed 18.2.14
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Angular uses a DI container (the "platform injector") to hold request-specific state during server-side rendering. For historical reasons, the conta