[SECURITY] [DLA 4242-1] angular.js security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4242-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Bastien Roucariès
July 20, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : angular.js
Version : 1.8.3-1+deb12u1~deb11u1
CVE ID : CVE-2022-25844 CVE-2023-26116 CVE-2023-26117 CVE-2023-26118
CVE-2024-8372 CVE-2024-8373 CVE-2024-21490 CVE-2025-0716
CVE-2025-2336
Debian Bug : #1014779 #1036694 #1088804 #1088805 #1104485
angular.js, a popular JavaScript framework, was affected by multiple
vulnerabilities.
CVE-2022-25844
A Regular Expression Denial of Service (ReDoS) vulnerability was
found: a custom locale rule makes it possible to set
NUMBER_FORMATS.PATTERNS[1].posPre to a very long string (for
example ' '.repeat(n) with a very high n), which triggers the ReDoS
when values are formatted with that locale. Locale rules should
therefore never be built from untrusted input.
CVE-2023-26116
A Regular Expression Denial of Service (ReDoS) was found
via the angular.copy() utility function due to the usage
of an insecure regular expression.
CVE-2023-26117
A Regular Expression Denial of Service (ReDoS) was found
via the $resource service due to the usage of an insecure
regular expression.
CVE-2023-26118
A Regular Expression Denial of Service (ReDoS) was found
via the <input type="url"> element due to the usage of an
insecure regular expression in the input[url] functionality.
Exploiting this vulnerability is possible by a large
carefully-crafted input, which can result in catastrophic
backtracking.
CVE-2024-8372
Improper sanitization of the value of the 'srcset'
attribute in AngularJS allows attackers to bypass
common image source restrictions, which can also
lead to a form of Content Spoofing.
CVE-2024-8373
Improper sanitization of the value of the [srcset]
attribute in <source> HTML elements in AngularJS allows
attackers to bypass common image source restrictions,
which can also lead to a form of Content Spoofing.
CVE-2024-21490
A regular expression used to split
the value of the ng-srcset directive is vulnerable to
super-linear runtime due to backtracking. With large
carefully-crafted input, this can result in catastrophic
backtracking and cause a denial of service.
CVE-2025-0716
Improper sanitization of the value of the 'href'
and 'xlink:href' attributes in '<image>' SVG elements
in AngularJS allows attackers to bypass common image
source restrictions. This can lead to a form of
Content Spoofing.
CVE-2025-2336
An improper sanitization vulnerability has been identified
in the ngSanitize module, which allows attackers to bypass
common image source restrictions normally
applied to image elements. This bypass can further lead to a form of
Content Spoofing. Similarly, the application's performance and behavior
could be negatively affected by using too large or slow-to-load images.
For Debian 11 bullseye, these problems have been fixed in version
1.8.3-1+deb12u1~deb11u1.
We recommend that you upgrade your angular.js packages.
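A check a bullseye administrator may want after reading this advisory, added here as an example and not code from Debian or the angular.js project: compare the installed package version with the fixed version using the same ordering rules as dpkg --compare-versions. The deb12u1~deb11u1 suffix marks the fixed version as a bookworm update rebuilt for bullseye; because dpkg sorts a tilde before anything else, including the end of the string, 1.8.3-1+deb12u1~deb11u1 orders below 1.8.3-1+deb12u1, so a later upgrade to a package of that version still replaces it. The advisory excerpt and the installed versions in the block are constructed; on a real host the installed version comes from dpkg-query -W -f='${Version}' angular.js. The function names (compare_versions, parse_advisory, needs_upgrade) are this example's own.

```python
"""Compare an installed Debian package version with the fixed version named
in a DLA, using a port of the dpkg version-ordering algorithm (added example,
not Debian tooling)."""
import re


def _order(c):
    # Character weight used by dpkg for the non-digit runs of a version:
    # '~' sorts before everything (even the end of the string), end of
    # string and digits weigh 0, letters weigh their code point, and other
    # characters ('+', '.') sort after all letters.
    if c == "~":
        return -1
    if c == "" or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return ord(c) + 256


def _char(s, i):
    # Character at index i, or "" once past the end (dpkg's NUL terminator).
    return s[i] if i < len(s) else ""


def _verrevcmp(a, b):
    # Port of dpkg's verrevcmp(): alternate between comparing non-digit runs
    # character by character and digit runs numerically.
    i = j = 0
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ac, bc = _order(_char(a, i)), _order(_char(b, j))
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while _char(a, i) == "0":  # leading zeros do not count
            i += 1
        while _char(b, j) == "0":
            j += 1
        while _char(a, i).isdigit() and _char(b, j).isdigit():
            if not first_diff:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if _char(a, i).isdigit():  # longer digit run means larger number
            return 1
        if _char(b, j).isdigit():
            return -1
        if first_diff:
            return first_diff
    return 0


def _split(version):
    # "[epoch:]upstream[-debian_revision]"; the last hyphen separates the
    # upstream version from the Debian revision.
    epoch = 0
    if ":" in version:
        epoch_str, version = version.split(":", 1)
        epoch = int(epoch_str)
    if "-" in version:
        upstream, revision = version.rsplit("-", 1)
    else:
        upstream, revision = version, ""
    return epoch, upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1, ordering a and b as dpkg --compare-versions does."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        r = _verrevcmp(x, y)
        if r:
            return -1 if r < 0 else 1
    return 0


# Matches the "Package :" and "Version :" header fields of a DLA.
ADVISORY_FIELD = re.compile(r"^(Package|Version)\s*:\s*(\S+)\s*$", re.M)


def parse_advisory(text):
    """Extract (package, fixed_version) from the header fields of DLA text."""
    fields = dict(ADVISORY_FIELD.findall(text))
    return fields["Package"], fields["Version"]


def needs_upgrade(installed, advisory_text):
    """True when the installed version sorts below the advisory's fixed version."""
    _, fixed = parse_advisory(advisory_text)
    return compare_versions(installed, fixed) < 0


# Constructed excerpt of the advisory header (only the two fields needed here).
DLA_EXCERPT = """\
Package : angular.js
Version : 1.8.3-1+deb12u1~deb11u1
"""

if __name__ == "__main__":
    # Installed versions below are constructed for illustration; on a real
    # host obtain the value with: dpkg-query -W -f='${Version}' angular.js
    for installed in ("1.8.2-1", "1.8.3-1", "1.8.3-1+deb12u1~deb11u1", "1.8.3-1+deb12u1"):
        state = "needs upgrade" if needs_upgrade(installed, DLA_EXCERPT) else "fixed"
        print(f"{installed:28} {state}")
```

The tilde rule is the part worth remembering: a version such as 1.8.3-1~bpo11+1 also sorts below 1.8.3-1, which is why backports and LTS rebuilds carry it, and why a naive string or numeric comparison would misjudge them.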
For the detailed security status of angular.js please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/angular.js
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEXQGHuUCiRbrXsPVqADoaLapBCF8FAmh8HIQACgkQADoaLapB
CF+e3BAAhTYcUqj7nkPbdN1bx13eJdD4rWBcssyfE2aLKE1911NWMMtsLIhbiflo
EETpu+VF2XppkG9JOChjthKgvaQ7YaXY5ertPx5CjeJ/uMSdmkQLwWY3guTPY9kE
TbjXWFizFN5UcjItyutuVcAzdtu9dqJVkUqM9EC4bmQ9nyuOLn2dYTn/c1tYjF2V
qkXZBEknHAjzdH5xiJKJKeI4i+ifHZK74pitwLIHq1hLmEhTLJNXKqULK1JuK1Tu
QvdR03DC32j5Yq5+zvHCpgyEKSTdzABFSTcDSxP2Ea7e74s0etE7+sCkoXOPdm/p
30h3afaY4OjvwPYRo/GDC8qb9aJWTZ4pPVwwuoi+OB5sWtT+UwXXz4QKNrYvg9kC
drJmx+HtgTyDAP777vLLpP13+trTFvtfuBQ+jorvqkp8o9XFu/5GBT+8thK0l0eK
oRPTxeMPWppgN1mM45E/TLyGQm5F22yDqSX5D2r3D490cxCuKQary3Y4hkmdf5Ur
3jvrB9H8Pfbvq0NbzxN4ZAGLeb6++3GGxjWGp/TDbv2rIiBGEHObk+iEEmQv4ojR
TbKUyOC53TzR1nOpNyBtq0d0ANVA1f+ErXRxXXLugl7PHC9LmMPryVFdXjeovY4z
mB4ewn5/9m+JeRGwwUblwhPDWX7cuBI9NhKPtFr/1nCPGtuhJbY=
=HdXg
-----END PGP SIGNATURE-----