Several security issues were fixed in AngularJS.
Software Description:
- angular.js: JavaScript-based web framework
Details:
It was discovered that AngularJS did not properly sanitize certain
`xlink:href` attributes. A remote attacker could possibly use this issue
to perform cross site scripting. This issue only affected Ubuntu 16.04
LTS. (CVE-2019-14863)
It was discovered that AngularJS incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause AngularJS
to consume resources, leading to a regular expression denial of service.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 24.04
LTS and Ubuntu 25.04. (CVE-2022-25844)
It was discovered that AngularJS incorrectly handled certain regular
expressions. An attacker could possibly use this issue to cause AngularJS
to consume resources, leading to a regular expression denial of service.
(CVE-2023-26116, CVE-2023-26117)
It was discovered that AngularJS incorrectly handled c...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 25.04
libjs-angularjs 1.8.3-1ubuntu0.25.04.1
Ubuntu 24.04 LTS
libjs-angularjs 1.8.3-1ubuntu0.24.04.1
Ubuntu 22.04 LTS
libjs-angularjs 1.8.2-2ubuntu0.1
Ubuntu 20.04 LTS
libjs-angularjs 1.7.9-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libjs-angularjs 1.5.10-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
libjs-angularjs 1.2.28-1ubuntu2+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-7958-1
CVE-2019-14863, CVE-2022-25844, CVE-2023-26116, CVE-2023-26117,
CVE-2023-26118, CVE-2024-21490, CVE-2024-8372, CVE-2024-8373,
CVE-2025-0716, CVE-2025-2336
Get the latest Linux and open source security news straight to your inbox.