18 matches found
Security Bulletin: Due to use angular-1.8.2.min.js , IBM webMethods Integration Server is affected by multiple vulnerabilities.
Summary Multiple vulnerabilities were addressed in IBM webMethods Integration Server by upgrading the version of the Angular framework. Vulnerability Details CVEID:CVE-2025-0716 DESCRIPTION: Improper sanitization of the value of the 'href' and 'xlink:href' attributes in 'image' SVG elements in...
CVE-2022-25844 vulnerabilities
Vulnerabilities for packages: solr...
CVE-2022-25844 vulnerabilities
Vulnerabilities for packages: solr...
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to denial of service due to AngularJS (CVE-2022-25844)
Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about a security vulnerability affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a deni...
Security Bulletin: Multiple vulnerabilities have been identified in AngularJS shipped with IBM Tivoli Netcool Impact
Summary AngularJS is shipped with IBM Tivoli Netcool Impact as part of its UI framework. Information about security vulnerabilities affecting AngularJS has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-26117 DESCRIPTION: AngularJS is vulnerable to a denial of service...
Security Bulletin: Multiple Angular vulnerabilities affects IBM Tivoli Business Service Manager (CVE-2023-26116, CVE-2023-26117, CVE-2023-26118, CVE-2022-25869, CVE-2022-25844)
Summary Angular is shipped with IBM Tivoli Business Service Manager as a component of it's dashboard interface. Information about security vulnerabilities affecting Angular has been published in a security bulletin. Vulnerability Details CVEID:CVE-2023-26116 DESCRIPTION: AngularJS is vulnerable t...
Mageia: Security Advisory (MGASA-2023-0215)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0215 Updated glances packages fix security vulnerability
Regular Expression Denial of Service ReDoS in angular CVE-2022-25844...
Security Bulletin: IBM Sterling Control Center is vulnerable to denial of service due to Node.js Angular (CVE-2022-25844)
Summary IBM Sterling Control Center uses Node.js Angular which is vulnerable to a denial of service, caused by a regular expression denial of service. Vulnerability Details CVEID:CVE-2022-25844 DESCRIPTION: Node.js Angular module is vulnerable to a denial of service, caused by a regular expressio...
Fedora 36 : glances (2022-e016e6f445)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-e016e6f445 advisory. Update to 3.3.0.1 and CVE-2022-25844 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Fedora 35 : glances (2022-edf635cf39)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-edf635cf39 advisory. Update to 3.3.0.1 and CVE-2022-25844 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has n...
Security Bulletin: A security vulnerability has been identified in Angular shipped with Tivoli Business Service Manager (CVE-2022-25844)
Summary Angular is shipped with IBM Tivoli Business Service Manager. Information about a security vulnerability affecting Angular has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +2678 more potentially affected by CVE-2022-25844 via angular (>=1.7.0 <=1.8.3)
angular NPM version =1.7.0, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2022-25844 Source advisory: OSV:GHSA-M2H2-264F-F486...
CVE-2022-25844
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...
CVE-2022-25844 Regular Expression Denial of Service (ReDoS)
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...
CVE-2022-25844
CVE-2022-25844 affects AngularJS (angular.js) 1.7.0 and newer, exploited via a ReDoS in a custom locale rule that enables a very large value for NUMBER_FORMATS.PATTERNS[1].posPre through posPre: ' '.repeat(). The CVE is noted as the package being deprecated. Debian advisory confirms a fix in angu...
CVE-2022-25844
The package angular after 1.7.0 are vulnerable to Regular Expression Denial of Service ReDoS by providing a custom locale rule that makes it possible to assign the parameter in posPre: ' '.repeat of NUMBERFORMATS.PATTERNS1.posPre with a very high value. Note: 1 This package has been deprecated an...
10.30.npm-learning (>=1.0.0 <=1.1.0), 2017_node (=1.0.0) +2678 more potentially affected by CVE-2022-25844 via angular (>=1.7.0 <=1.8.3)
angular NPM version =1.7.0, =1.0.0, =4.13.7-rc4, =1.103.1, =1.103.1, =1.102.4, =1.102.3, =1.102.3, =1.4.156, =1.0.3, =1.0.0, =1.0.0, =0.5.0, =0.5.2 and more Source cves: CVE-2022-25844 Source advisory: SNYK:JS-ANGULAR-2772735...