Skip to content

Commit

Permalink
Add angularjs vuln + update ranges for bootstrap vuln
Browse files Browse the repository at this point in the history
  • Loading branch information
@eoftedal
eoftedal committed Sep 13, 2024
1 parent fcf014f commit 03ba5c5
Show file tree
Hide file tree
Showing 5 changed files with 225 additions and 5 deletions.
46 changes: 45 additions & 1 deletion repository/jsrepository-master.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2176,6 +2176,50 @@
"bowername": ["angularjs", "angular.js"],
"npmname": "angular",
"vulnerabilities": [
{
"ranges": [
{
"atOrAbove": "0",
"below": "1.8.4"
}
],
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"cwe": ["CWE-791"],
"severity": "low",
"identifiers": {
"CVE": ["CVE-2024-8373"],
"githubID": "GHSA-mqm9-c95h-x2p6"
},
"info": [
"https://github.com/advisories/GHSA-mqm9-c95h-x2p6",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8373",
"https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8373"
]
},
{
"ranges": [
{
"atOrAbove": "1.3.0-rc.4",
"below": "1.8.4"
}
],
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"cwe": ["CWE-1289"],
"severity": "low",
"identifiers": {
"CVE": ["CVE-2024-8372"],
"githubID": "GHSA-m9gf-397r-hwpg"
},
"info": [
"https://github.com/advisories/GHSA-m9gf-397r-hwpg",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8372",
"https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8372"
]
},
{
"ranges": [
{
Expand Down Expand Up @@ -3721,7 +3765,7 @@
"ranges": [
{
"atOrAbove": "4.0.0",
"below": "4.6.3"
"below": "5.0.0"
}
],
"summary": "Bootstrap Cross-Site Scripting (XSS) vulnerability",
Expand Down
46 changes: 45 additions & 1 deletion repository/jsrepository-v2.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3295,6 +3295,28 @@
"https://github.com/advisories/GHSA-qwqh-hm9m-p5hr"
]
},
{
"atOrAbove": "0",
"below": "1.8.4",
"cwe": [
"CWE-791"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8373"
],
"githubID": "GHSA-mqm9-c95h-x2p6"
},
"info": [
"https://github.com/advisories/GHSA-mqm9-c95h-x2p6",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8373",
"https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8373"
]
},
{
"atOrAbove": "1.3.0",
"below": "1.8.4",
Expand All @@ -3319,6 +3341,28 @@
"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"
]
},
{
"atOrAbove": "1.3.0-rc.4",
"below": "1.8.4",
"cwe": [
"CWE-1289"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8372"
],
"githubID": "GHSA-m9gf-397r-hwpg"
},
"info": [
"https://github.com/advisories/GHSA-m9gf-397r-hwpg",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8372",
"https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8372"
]
},
{
"below": "1.999",
"severity": "low",
Expand Down Expand Up @@ -5256,7 +5300,7 @@
},
{
"atOrAbove": "4.0.0",
"below": "4.6.3",
"below": "5.0.0",
"cwe": [
"CWE-79"
],
Expand Down
46 changes: 45 additions & 1 deletion repository/jsrepository-v3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3368,6 +3368,28 @@
"https://github.com/advisories/GHSA-qwqh-hm9m-p5hr"
]
},
{
"atOrAbove": "0",
"below": "1.8.4",
"cwe": [
"CWE-791"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8373"
],
"githubID": "GHSA-mqm9-c95h-x2p6"
},
"info": [
"https://github.com/advisories/GHSA-mqm9-c95h-x2p6",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8373",
"https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8373"
]
},
{
"atOrAbove": "1.3.0",
"below": "1.8.4",
Expand All @@ -3392,6 +3414,28 @@
"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"
]
},
{
"atOrAbove": "1.3.0-rc.4",
"below": "1.8.4",
"cwe": [
"CWE-1289"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8372"
],
"githubID": "GHSA-m9gf-397r-hwpg"
},
"info": [
"https://github.com/advisories/GHSA-m9gf-397r-hwpg",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8372",
"https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8372"
]
},
{
"below": "1.999",
"severity": "low",
Expand Down Expand Up @@ -5380,7 +5424,7 @@
},
{
"atOrAbove": "4.0.0",
"below": "4.6.3",
"below": "5.0.0",
"cwe": [
"CWE-79"
],
Expand Down
46 changes: 45 additions & 1 deletion repository/jsrepository-v4.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3367,6 +3367,28 @@
"https://github.com/advisories/GHSA-qwqh-hm9m-p5hr"
]
},
{
"atOrAbove": "0",
"below": "1.8.4",
"cwe": [
"CWE-791"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8373"
],
"githubID": "GHSA-mqm9-c95h-x2p6"
},
"info": [
"https://github.com/advisories/GHSA-mqm9-c95h-x2p6",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8373",
"https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8373"
]
},
{
"atOrAbove": "1.3.0",
"below": "1.8.4",
Expand All @@ -3391,6 +3413,28 @@
"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"
]
},
{
"atOrAbove": "1.3.0-rc.4",
"below": "1.8.4",
"cwe": [
"CWE-1289"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8372"
],
"githubID": "GHSA-m9gf-397r-hwpg"
},
"info": [
"https://github.com/advisories/GHSA-m9gf-397r-hwpg",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8372",
"https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8372"
]
},
{
"below": "1.999",
"severity": "low",
Expand Down Expand Up @@ -5379,7 +5423,7 @@
},
{
"atOrAbove": "4.0.0",
"below": "4.6.3",
"below": "5.0.0",
"cwe": [
"CWE-79"
],
Expand Down
46 changes: 45 additions & 1 deletion repository/jsrepository.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3273,6 +3273,28 @@
"https://github.com/advisories/GHSA-qwqh-hm9m-p5hr"
]
},
{
"atOrAbove": "0",
"below": "1.8.4",
"cwe": [
"CWE-791"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8373"
],
"githubID": "GHSA-mqm9-c95h-x2p6"
},
"info": [
"https://github.com/advisories/GHSA-mqm9-c95h-x2p6",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8373",
"https://codepen.io/herodevs/full/bGPQgMp/8da9ce87e99403ee13a295c305ebfa0b",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8373"
]
},
{
"atOrAbove": "1.3.0",
"below": "1.8.4",
Expand All @@ -3297,6 +3319,28 @@
"https://stackblitz.com/edit/angularjs-vulnerability-ng-srcset-redos"
]
},
{
"atOrAbove": "1.3.0-rc.4",
"below": "1.8.4",
"cwe": [
"CWE-1289"
],
"severity": "low",
"identifiers": {
"summary": "AngularJS allows attackers to bypass common image source restrictions",
"CVE": [
"CVE-2024-8372"
],
"githubID": "GHSA-m9gf-397r-hwpg"
},
"info": [
"https://github.com/advisories/GHSA-m9gf-397r-hwpg",
"https://nvd.nist.gov/vuln/detail/CVE-2024-8372",
"https://codepen.io/herodevs/full/xxoQRNL/0072e627abe03e9cda373bc75b4c1017",
"https://github.com/angular/angular.js",
"https://www.herodevs.com/vulnerability-directory/cve-2024-8372"
]
},
{
"below": "1.999",
"severity": "low",
Expand Down Expand Up @@ -5204,7 +5248,7 @@
},
{
"atOrAbove": "4.0.0",
"below": "4.6.3",
"below": "5.0.0",
"cwe": [
"CWE-79"
],
Expand Down

0 comments on commit 03ba5c5

Please sign in to comment.