pkg:npm/@angular/ssr

6 total CVEsMEDIUM1

✅ Check your installed version

All known vulnerabilities

  • MEDIUM6.1CVE-2026-33397Protocol-Relative URL Injection via Single Backslash Bypass in Angular SSR
    >= 22.0.0-next.0, < 22.0.0-next.2
  • CVE-2026-44437Angular SSR has Open Redirect and Request Steering via Encoded X-Forwarded-Prefix
    >= 22.0.0-next.0, < 22.0.0-next.7
  • CVE-2026-27739Angular SSR is vulnerable to SSRF and Header Injection via request handling pipeline
    >= 21.2.0-next.0, < 21.2.0-rc.1
  • CVE-2026-27738Angular SSR has an Open Redirect via X-Forwarded-Prefix
    >= 21.2.0-next.0, < 21.2.0-rc.1
  • CVE-2025-62427Angular SSR has a Server-Side Request Forgery (SSRF) flaw
    >= 19.0.0-next.0, < 19.2.18
  • CVE-2025-59052Angular SSR: Global Platform Injector Race Condition Leads to Cross-Request Data Leakage
    >= 17.0.0-next.0, < 18.2.21