Angular developers looking to stay current with the framework should note the incremental updates between versions 4.1.1 and 4.1.2 of @angular/core. While both versions share the same core description as "Angular - the core framework," licensed under MIT, and depend on rxjs and zone.js, there's a crucial detail: the release dates. Version 4.1.2 arrived on May 10, 2017, succeeding version 4.1.1, which was released on May 4, 2017.
Although the provided data snippets don't explicitly detail specific code changes or feature additions, the six-day gap between releases suggests that version 4.1.2 likely incorporates bug fixes, performance enhancements, or minor adjustments. Developers should consult the official Angular changelog or release notes for a comprehensive list of modifications. When upgrading, developers should test their applications thoroughly after updating to 4.1.2. Remember to review any breaking changes to @angular/core on Angular's Github page to make sure the dependencies will be correctly installed during the update process.
All the vulnerabilities related to the version 4.1.2 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
