[Git][security-tracker-team/security-tracker][master] CVE-2024-8373/angular.js

[Bastien Roucariès (@rouca)]

Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b6362dc3 by Bastien Roucariès at 2025-06-07T21:53:54+02:00
CVE-2024-8373/angular.js

Add original bug report

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -82890,7 +82890,8 @@ CVE-2024-8373 (Improper sanitization of the value of the [srcset] attribute in <
 	[trixie] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	[bookworm] - angular.js <postponed> (Minor issue, revisit when fixed upstream)
 	[bullseye] - angular.js <postponed> (Minor issue)
-	NOTE: https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b
+	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2024-8373
+	NOTE: PoC: https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b
 CVE-2024-8372 (Improper sanitization of the value of the 'srcset' attribute in Angula ...)
 	- angular.js <unfixed> (bug #1088804)
 	[trixie] - angular.js <postponed> (Minor issue, revisit when fixed upstream)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6362dc3e9b0de94d6f35e2d1fc1e818dac1f0d7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b6362dc3e9b0de94d6f35e2d1fc1e818dac1f0d7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250607/a0092136/attachment.htm>