Security Advisory

Augular Expressions Security Update Advisory (CVE-2024-54152)

  • Dec 13 2024

Overview

 

An update has been released to address vulnerabilities in Augular Expressions. Users of the affected versions are advised to update to the latest version.
 

 

Affected Products

 

CVE-2024-54152

  • Augular Expressions versions: ~ 1.4.2 (inclusive)

 

 

Resolved Vulnerabilities

 

Vulnerability that could allow arbitrary code execution on the system bypassing the sandbox (CVE-2024-54152)

 

 

Vulnerability Patches

Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-54152

  • Augular Expressions version: 1.4.3

 

 

Referenced Sites

 

[1] CVE-2024-54152 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-54152

[2] Angular Expressions – Remote Code Execution when using locals

https://github.com/peerigon/angular-expressions/security/advisories/GHSA-5462-4vcx-jh7j

[3] Angular Expressions/commit

https://github.com/peerigon/angular-expressions/commit/97f7ad94006156eeb97fc942332578b6cfbf8eef

Tags:

Previous Post

Next Post