@angular/forms
Releases1.07K
Frequency3 days 10 hours
Last Release
Angular - directives and services for creating forms
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 1.2.1, >= 1.3.0, < 1.3.2 | 5.3 MEDIUM | 5 MEDIUM | ||
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation. | ||||
| < 1.3.0 | — | 4.3 MEDIUM | ||
Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting | ||||