[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for angular.js

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
73b8affe by Salvatore Bonaccorso at 2026-02-01T12:49:52+01:00
Add Debian bug reference for angular.js

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -8242,7 +8242,7 @@ CVE-2026-22612 (Fickling is a Python pickling decompiler and static analyzer. Pr
 CVE-2026-22611 (AWS SDK for .NET works with Amazon Web Services to help build scalable ...)
 	NOT-FOR-US: Amazon AWS SDK
 CVE-2026-22610 (Angular is a development platform for building mobile and desktop web  ...)
-	- angular.js <undetermined>
+	- angular.js <unfixed> (bug #1126747)
 	NOTE: https://github.com/angular/angular/security/advisories/GHSA-jrmj-c5cx-3cw6
 	NOTE: https://github.com/angular/angular/pull/66318
 	NOTE: https://github.com/angular/angular/commit/91dc91bae4a1bbefc58bef6ef739d0e02ab44d56 (v21.1.0-rc.0)
@@ -26844,7 +26844,7 @@ CVE-2025-66448 (vLLM is an inference and serving engine for large language model
 CVE-2025-66415 (fastify-reply-from is a Fastify plugin to forward the current HTTP req ...)
 	NOT-FOR-US: fastify-reply-from Fastify plugin
 CVE-2025-66412 (Angular is a development platform for building mobile and desktop web  ...)
-	- angular.js <undetermined>
+	- angular.js <unfixed> (bug #1126775)
 	NOTE: https://github.com/angular/angular/security/advisories/GHSA-v4hv-rgfq-gp49
 	NOTE: https://github.com/angular/angular/commit/1c6b0704fb63d051fab8acff84d076abfbc4893a
 	TODO: check, might not impact the 1.x versions of Angular
@@ -27583,12 +27583,11 @@ CVE-2025-66040 (Spotipy is a Python library for the Spotify Web API. Prior to ve
 	NOTE: https://github.com/spotipy-dev/spotipy/security/advisories/GHSA-r77h-rpp9-w2xm
 	NOTE: https://github.com/spotipy-dev/spotipy/commit/880b92d7243dcf2b83bf31dc365a858d8b5e6767 (2.25.2)
 CVE-2025-66035 (Angular is a development platform for building mobile and desktop web  ...)
-	- angular.js <undetermined>
+	- angular.js <unfixed> (bug #1126776)
 	NOTE: https://github.com/angular/angular/security/advisories/GHSA-58c5-g7wp-6w37
 	NOTE: https://github.com/angular/angular/commit/0276479e7d0e280e0f8d26fa567d3b7aa97a516f
 	NOTE: https://github.com/angular/angular/commit/05fe6686a97fa0bcd3cf157805b3612033f975bc
 	NOTE: https://github.com/angular/angular/commit/3240d856d942727372a705252f7c8c115394a41e
-	TODO: check, might not affect 1.x versions of Angular, code is significantly diverging
 CVE-2025-66031 (Forge (also called `node-forge`) is a native implementation of Transpo ...)
 	- node-node-forge <removed>
 	[bullseye] - node-node-forge <postponed> (Minor issue, proposed for EOL)
@@ -62134,7 +62133,7 @@ CVE-2025-50461 (A deserialization vulnerability exists in Volcengine's verl 3.0.
 CVE-2025-50434 (A security issue has been identified in Appian Enterprise Business Pro ...)
 	NOT-FOR-US: Appian Enterprise Business Process Management
 CVE-2025-4690 (A regular expression used by AngularJS' linky https://docs.angularjs.o ...)
-	- angular.js <unfixed>
+	- angular.js <unfixed> (bug #1126778)
 	NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-4690
 	NOTE: https://codepen.io/herodevs/pen/RNNEPzP/751b91eab7730dff277523f3d50e4b77
 CVE-2025-4046 (A missing authorization vulnerability in Lexmark Cloud Services badge  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73b8affe55fce96033c7a4ec109a0707bc1081ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/73b8affe55fce96033c7a4ec109a0707bc1081ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260201/4e030841/attachment.htm>