WS-2017-0121 (High) detected in angular-1.2.30.tgz #85
Labels
security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-for-github-com
bot
added
the
security vulnerability
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2017-0121 - High Severity Vulnerability
HTML enhanced for web apps
Library home page: https://registry.npmjs.org/angular/-/angular-1.2.30.tgz
Path to dependency file: /tmp/ws-scm/esri.github.io/package.json
Path to vulnerable library: /esri.github.io/node_modules/angular/package.json,/esri.github.io/node_modules/angular/package.json
Dependency Hierarchy:
Found in HEAD commit: a4d59687db7452886288c3f1faa3a43e975f6ff8
Affected versions of Angular.js are vulnerable to Arbitrary Code Execution via unsafe svg animation tags.
Publish Date: 2017-01-20
URL: WS-2017-0121
Base Score Metrics not available
Type: Upgrade version
Origin: angular/angular.js#11290
Release Date: 2017-01-31
Fix Resolution: v1.4.0-beta.6
The text was updated successfully, but these errors were encountered: