ГлавнаяУязвимости → CVE-2026-44643
10критическая

CVE-2026-44643

Описание

Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an attacker can write a malicious expression using filters that escapes the sandbox to execute arbitrary code on the system. This vulnerability is fixed in 1.5.2.

Затрагиваемое ПО
Peerigon Angular-expressions
CVSS
Балл10 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Источники
https://github.com/peerigon/angular-expressions/security/advisories/GHSA-pw8r-6689-xvf4