{"package":"angular","ecosystem":"npm","latest_version":"1.8.3","description":"HTML enhanced for web apps","license":"MIT","homepage":"http://angularjs.org","repository":"https://github.com/angular/angular.js","downloads_weekly":522282,"health":{"score":8,"risk":"critical","breakdown":{"maintenance":0,"popularity":14,"security":7,"maturity":15,"community":2},"deprecated":true,"max_score":100},"vulnerabilities":{"count":9,"critical":0,"high":0,"medium":9,"low":0,"details":[{"vuln_id":"CVE-2023-26117","severity":"medium","summary":"angular vulnerable to regular expression denial of service via the $resource service","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2023-03-30T06:30:26Z"},{"vuln_id":"CVE-2023-26116","severity":"medium","summary":"angular vulnerable to regular expression denial of service via the angular.copy() utility","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2023-03-30T06:30:26Z"},{"vuln_id":"CVE-2024-21490","severity":"medium","summary":"angular vulnerable to super-linear runtime due to backtracking","affected_versions":">=1.3.0","fixed_version":null,"source":"osv","published_at":"2024-02-10T06:30:19Z"},{"vuln_id":"CVE-2025-0716","severity":"medium","summary":"AngularJS improperly sanitizes SVG elements","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2025-04-29T18:30:59Z"},{"vuln_id":"CVE-2022-25844","severity":"medium","summary":"angular vulnerable to regular expression denial of service (ReDoS)","affected_versions":">=1.7.0","fixed_version":null,"source":"osv","published_at":"2022-05-03T00:00:44Z"},{"vuln_id":"CVE-2024-8372","severity":"medium","summary":"AngularJS allows attackers to bypass common image source restrictions","affected_versions":">=1.3.0-rc.4","fixed_version":null,"source":"osv","published_at":"2024-09-09T15:30:41Z"},{"vuln_id":"CVE-2024-8373","severity":"medium","summary":"AngularJS allows attackers to bypass common image source restrictions","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2024-09-09T15:30:41Z"},{"vuln_id":"CVE-2022-25869","severity":"medium","summary":"Angular (deprecated package) Cross-site Scripting","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2022-07-16T00:00:20Z"},{"vuln_id":"CVE-2023-26118","severity":"medium","summary":"angular vulnerable to regular expression denial of service via the <input type=\"url\"> element","affected_versions":">=0","fixed_version":null,"source":"osv","published_at":"2023-03-30T06:30:25Z"}]},"versions":{"latest":"1.8.3","total_count":144,"recent":["1.6.6","1.6.7","1.6.8","1.6.9","1.6.10","1.7.0-rc.0","1.7.0","1.7.1","1.7.2","1.7.3","1.7.4","1.7.5","1.7.6","1.7.7","1.7.8","1.7.9","1.8.0","1.8.1","1.8.2","1.8.3"]},"metadata":{"deprecated":true,"deprecated_message":"For the actively supported Angular, see https://www.npmjs.com/package/@angular/core. AngularJS support has officially ended. For extended AngularJS support options, see https://goo.gle/angularjs-path-forward.","maintainers_count":1,"first_published":"2012-03-28T11:40:21.575Z","last_published":"2022-04-07T22:12:36.643Z","dependencies_count":0,"dependencies":[]},"_preprocessed":true,"_cache":"hit","_response_ms":0}