CVE-2026-46417
Gravedad CVSS v4.0:
ALTA
Tipo:
CWE-918
Falsificación de solicitud en servidor (SSRF)
Fecha de publicación:
22/06/2026
Última modificación:
15/07/2026
Descripción
*** Pendiente de traducción *** Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22, a Server-Side Request Forgery (SSRF) vulnerability exists in @angular/platform-server. The issue stems from how the server-side rendering (SSR) engine processes the request URL provided to the rendering entry points. When an absolute-form URL (e.g., http://evil.com) is passed to the rendering engine, the internal ServerPlatformLocation can be manipulated into adopting the attacker-controlled domain as the "current" hostname. Consequently, any relative HttpClient requests or PlatformLocation.hostname references are redirected to the attacker controlled server, potentially exposing internal APIs or metadata services. This vulnerability is fixed in 22.0.0-next.12, 21.2.13, 20.3.21, and 19.2.22.
Impacto
Puntuación base 4.0
8.80
Gravedad 4.0
ALTA
Puntuación base 3.x
6.10
Gravedad 3.x
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:* | 18.2.14 (incluyendo) | |
| cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:* | 19.0.0 (incluyendo) | 19.2.22 (excluyendo) |
| cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:* | 20.0.0 (incluyendo) | 20.3.21 (excluyendo) |
| cpe:2.3:a:angular:angular:*:*:*:*:*:node.js:*:* | 21.0.0 (incluyendo) | 21.2.13 (excluyendo) |
| cpe:2.3:a:angular:angular:22.0.0:next0:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next1:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next10:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next11:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next2:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next3:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next4:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next5:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next6:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next7:*:*:*:node.js:*:* | ||
| cpe:2.3:a:angular:angular:22.0.0:next8:*:*:*:node.js:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- https://github.com/angular/angular/pull/68570
- https://github.com/angular/angular/security/advisories/GHSA-rfh7-fxqc-q52v
- https://access.redhat.com/security/cve/CVE-2026-46417
- https://bugzilla.redhat.com/show_bug.cgi?id=2491444
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-46417.json



