[Git][security-tracker-team/security-tracker][master] Mark two more CVEs no-dsa/postponed for angular.js

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jul 20 06:28:34 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e344bbfe by Salvatore Bonaccorso at 2025-07-20T07:28:03+02:00
Mark two more CVEs no-dsa/postponed for angular.js

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14059,6 +14059,7 @@ CVE-2025-30415 (Denial of service due to improper handling of malformed input. T
 	NOT-FOR-US: Acronis
 CVE-2025-2336 (Improper sanitization of the value of the 'href' and 'xlink:href' attr ...)
 	- angular.js <unfixed> (bug #1107519)
+	[bookworm] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-2336
 	NOTE: PoC: https://codepen.io/herodevs/pen/bNGYaXx/412a3a4218387479898912f60c269c6c
 CVE-2025-29094 (Cross Site Scripting vulnerability in Motivian Content Mangment System ...)
@@ -25575,6 +25576,7 @@ CVE-2025-1194 (A Regular Expression Denial of Service (ReDoS) vulnerability was
 	NOT-FOR-US: huggingface/transformers
 CVE-2025-0716 (Improper sanitization of the value of the 'href' and 'xlink:href' attr ...)
 	- angular.js <unfixed> (bug #1104485)
+	[bookworm] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-0716
 	NOTE: PoC: https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915
 CVE-2025-0520 (An unrestricted file upload vulnerability in ShowDoc caused by imprope ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e344bbfe55182e8f5c7c0f7d9d3373ac85876a9f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e344bbfe55182e8f5c7c0f7d9d3373ac85876a9f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250720/3709a3d9/attachment.htm>

More information about the debian-security-tracker-commits mailing list