Angular core version 4.4.2 represents a minor update over its predecessor, version 4.4.1, within the Angular framework. While the core description, dependencies on tslib, and peer dependency requirements for rxjs and zone.js remain consistent, developers should note the change in release date, with 4.4.2 being published on September 18, 2017, subsequent to 4.4.1's release on September 15, 2017.
For developers, this indicates a likely patch release addressing bug fixes or minor enhancements rather than a feature-rich upgrade. Examining the Angular changelog associated with these versions is crucial to ascertain the specific modifications implemented. Given the continuity in core dependencies and peer dependencies, the upgrade from 4.4.1 to 4.4.2 should generally pose minimal disruption to existing Angular projects. However, it's always advisable to review the detailed release notes to identify any potential breaking changes or compatibility considerations, ensuring a smooth transition and leveraging any improvements offered by the newer version of the Angular core. The dist.tarball attribute provides the link to download each specific version.
All the vulnerabilities related to the version 4.4.2 of the package
Cross site scripting in Angular
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first. Upgrading to version 10.2.5, 11.0.5 or 11.1.0-next.3 is advised to to address this issue.
