Angular developers should note the incremental update from @angular/core version 2.4.9 to 2.4.10. While seemingly minor, such updates often contain crucial bug fixes and performance improvements that enhance the stability and efficiency of Angular applications. Both versions share the same core framework description, MIT license, and repository details, indicating continuity in the project's fundamental aspects. Critically, the peerDependencies remain consistent, requiring rxjs version "^5.0.1" and zone.js version "^0.7.2", ensuring compatibility for existing projects relying on these versions. The key differentiator lies in the releaseDate; version 2.4.10 was released on March 17, 2017, following version 2.4.9 released on March 2, 2017. This two week gap suggests that 2.4.10 likely addresses identified issues or incorporates small enhancements discovered in the preceding release. Updating to the latest patch version within the 2.4.x series like 2.4.10 ensures developers benefit from the most up-to-date fixes and optimized code, contributing to a smoother development experience and potentially more robust application performance. Always consult the official Angular changelog for detailed specifics on the changes included in each release.
All the vulnerabilities related to the version 2.4.10 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
