Bugs fixes in "angular.js"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2025-0716 | Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common | 2026-01-14 |
| CVE | CVE-2024-8372 | Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also | 2026-01-14 |
| CVE | CVE-2023-26118 | Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to t | 2026-01-14 |
| CVE | CVE-2024-21490 | This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to sup | 2026-01-14 |
| CVE | CVE-2023-26117 | Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage | 2026-01-14 |
| CVE | CVE-2023-26116 | Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function du | 2026-01-14 |
| CVE | CVE-2022-25844 | The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possib | 2026-01-14 |
| CVE | CVE-2024-8373 | Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source re | 2026-01-14 |
| CVE | CVE-2025-2336 | Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS's 'ngSanitize' module allows atta | 2026-01-14 |
| CVE | CVE-2025-0716 | Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common | 2026-01-14 |
| CVE | CVE-2024-8372 | Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also | 2026-01-14 |
| CVE | CVE-2023-26118 | Versions of the package angular from 1.4.9 are vulnerable to Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to t | 2026-01-14 |
| CVE | CVE-2024-21490 | This affects versions of the package angular from 1.3.0. A regular expression used to split the value of the ng-srcset directive is vulnerable to sup | 2026-01-14 |
| CVE | CVE-2023-26117 | Versions of the package angular from 1.0.0 are vulnerable to Regular Expression Denial of Service (ReDoS) via the $resource service due to the usage | 2026-01-14 |
| CVE | CVE-2023-26116 | Versions of the package angular from 1.2.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the angular.copy() utility function du | 2026-01-14 |
| CVE | CVE-2022-25844 | The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service (ReDoS) by providing a custom locale rule that makes it possib | 2026-01-14 |
| CVE | CVE-2024-8373 | Improper sanitization of the value of the [srcset] attribute in <source> HTML elements in AngularJS allows attackers to bypass common image source re | 2026-01-14 |
| CVE | CVE-2025-2336 | Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS's 'ngSanitize' module allows atta | 2026-01-14 |
| CVE | CVE-2025-0716 | Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common | 2026-01-14 |
| CVE | CVE-2024-8372 | Improper sanitization of the value of the 'srcset' attribute in AngularJS allows attackers to bypass common image source restrictions, which can also | 2026-01-14 |
About
-
Send Feedback to @ubuntu_updates
