[Git][security-tracker-team/security-tracker][master] Mark two more CVEs no-dsa/postponed for angular.js

Sat, 19 Jul 2025 22:28:44 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e344bbfe by Salvatore Bonaccorso at 2025-07-20T07:28:03+02:00
Mark two more CVEs no-dsa/postponed for angular.js

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14059,6 +14059,7 @@ CVE-2025-30415 (Denial of service due to improper 
handling of malformed input. T
        NOT-FOR-US: Acronis
 CVE-2025-2336 (Improper sanitization of the value of the 'href' and 
'xlink:href' attr ...)
        - angular.js <unfixed> (bug #1107519)
+       [bookworm] - angular.js <postponed> (Minor issue, revisit when fixed 
upstream)
        NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-2336
        NOTE: PoC: 
https://codepen.io/herodevs/pen/bNGYaXx/412a3a4218387479898912f60c269c6c
 CVE-2025-29094 (Cross Site Scripting vulnerability in Motivian Content 
Mangment System ...)
@@ -25575,6 +25576,7 @@ CVE-2025-1194 (A Regular Expression Denial of Service 
(ReDoS) vulnerability was
        NOT-FOR-US: huggingface/transformers
 CVE-2025-0716 (Improper sanitization of the value of the 'href' and 
'xlink:href' attr ...)
        - angular.js <unfixed> (bug #1104485)
+       [bookworm] - angular.js <postponed> (Minor issue, revisit when fixed 
upstream)
        NOTE: https://www.herodevs.com/vulnerability-directory/cve-2025-0716
        NOTE: PoC: 
https://codepen.io/herodevs/pen/qEWQmpd/a86a0d29310e12c7a3756768e6c7b915
 CVE-2025-0520 (An unrestricted file upload vulnerability in ShowDoc caused by 
imprope ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e344bbfe55182e8f5c7c0f7d9d3373ac85876a9f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e344bbfe55182e8f5c7c0f7d9d3373ac85876a9f
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to