Description
Versions of i18n-node-angular prior to 1.4.0 are affected by denial of service and cross-site scripting vulnerabilities. The vulnerabilities exist in a REST endpoint that was created for development purposes, but was not disabled in production in affected versions.
Recommendation
Update the i18n-node-angular package to the latest compatible version. Followings are version details:
- Affected version(s): < 1.4.0
- Patched version(s): 1.4.0
References
Related Issues
- Denial of Service in mqtt - CVE-2016-1000242
- Regular Expression Denial of Service in jadedown - CVE-2016-10520
- @hono/node-server has Denial of Service risk when receiving Host header that cannot be parsed - CVE-2024-32652
- Denial of Service in jquery - CVE-2016-10707
- Tags:
- npm
- i18n-node-angular
Anything's wrong? Let us know Last updated on February 01, 2023