Package: angular.js / 1.8.3-3
Metadata
Package | Version | Patches format |
---|---|---|
angular.js | 1.8.3-3 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
CVE 2022 25844.patch | (download) |
src/ng/filter/filters.js |
24 17 + 7 - 0 ! |
cve-2022-25844 Avoid a redos by avoiding regex bug: https://snyk.io/vuln/SNYK-JS-ANGULAR-2772735 bug-debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014779 |
CVE 2023 26116.patch | (download) |
src/Angular.js |
2 1 + 1 - 0 ! |
cve-2023-26116 Fix the redos by using regex.flags available since 2020 for all browser bug: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373044 |
CVE 2023 26117.patch | (download) |
src/ngResource/resource.js |
6 5 + 1 - 0 ! |
cve-2023-26117 Fix by linear replace a redos bug-poc: https://stackblitz.com/edit/angularjs-vulnerability-resource-trailing-slashes-redos?file=index.js bug: https://security.snyk.io/vuln/SNYK-JS-ANGULAR-3373045 bug-debian: https://bugs.debian.org/1036694 |
CVE 2023 26118.patch | (download) |
src/ng/directive/input.js |
13 1 + 12 - 0 ! |
cve-2023-26118 Regular Expression Denial of Service (ReDoS) via the <input type="url"> element due to the usage of an insecure regular expression in the input[url] functionality. Exploiting this vulnerability is possible by a large carefully-crafted input, which can result in catastrophic backtracking. |
CVE 2024 21490.patch | (download) |
src/ng/compile.js |
46 8 + 38 - 0 ! |
cve-2024-21490 and cve-2024-8372 Fix ReDoS vulnerability with ng-srcset Fix also CVE-2024-8372 by sanitizing |
CVE 2024 8373.patch | (download) |
src/ng/compile.js |
2 1 + 1 - 0 ! |
cve-2024-8373 |
CVE 2025 0716.patch | (download) |
src/ng/compile.js |
5 5 + 0 - 0 ! |
fix improper sanitisation of href and xlink:href on svg image elements Fix CVE-2025-0716 |
CVE 2025 2336.patch | (download) |
src/ngSanitize/sanitize.js |
2 1 + 1 - 0 ! |
cve-2025-2336 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit An improper sanitization vulnerability has been identified in AngularJS' ngSanitize module, which allows attackers to bypass common image source restrictions normally applied to image elements. This bypass can further lead to a form of Content Spoofing. Similarly, the application's performance and behavior could be negatively affected by using too large or slow-to-load images. The $sanitize service, which is provided by the angular-sanitize package, is used for sanitizing HTML strings by stripping all potentially dangerous tokens. As part of the sanitization, it checks the URLs of images to ensure they abide by the defined image source rules. This allows improving the security of an application by setting restrictions on the sources of images that can be shown. For example, only allowing images from a specific domain. However, due to a bug in the $sanitize service, SVG <image> elements are not correctly detected as images, even when SVG support is enabled. As a result, the image source restrictions are not applied to the images that can be shown. This allows bypassing the image source restrictions configured in the application, which can also lead to a form of Content Spoofing. Similarly, the application's performance and behavior can be negatively affected by using too large or slow-to-load images. bug: https://www.herodevs.com/vulnerability-directory/cve-2025-2336 bug-PoC: https://codepen.io/herodevs/pen/bNGYaXx/412a3a4218387479898912f60c269c6c |