[Git][security-tracker-team/security-tracker][master] CVE-2022-25844/angular.js
Bastien Roucariès (@rouca)
rouca at debian.org
Sat Jul 19 22:38:06 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
61cb5fc5 by Bastien Roucariès at 2025-07-19T23:37:52+02:00
CVE-2022-25844/angular.js
For documentation purpose and ELTS fix as not vulnerable for stretch and buster
Vulenrable code is regex \s*\u00A4\s* that is not present
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -297777,10 +297777,11 @@ CVE-2022-25844 (The package angular after 1.7.0 are vulnerable to Regular Expres
[trixie] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
[bookworm] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
[bullseye] - angular.js <no-dsa> (Minor issue)
- [buster] - angular.js <no-dsa> (Minor issue, probably even not-affected)
- [stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support)
+ [buster] - angular.js <not-affected> (vulnerable code not present)
+ [stretch] - angular.js <not-affected> (vulnerable code not present)
NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735
NOTE: PoC: https://stackblitz.com/edit/angularjs-material-blank-zvtdvb
+ NOTE: Introduced by: https://github.com/angular/angular.js/commit/62743a54b79187e6c1325c0f6dec0f474147881d (1.7.0-rc.0)
CVE-2022-25843
RESERVED
CVE-2022-25842 (All versions of package com.alibaba.oneagent:one-java-agent-plugin are ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61cb5fc513fa61b8b61c0a09deabe55d7f8f1aca
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61cb5fc513fa61b8b61c0a09deabe55d7f8f1aca
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250719/678885a1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list