Bug 2362958 (CVE-2025-0716)

Summary: CVE-2025-0716 angular: AngularJS improper sanitization in SVG '<image>' element
Product: [Other] Security Response
Reporter: OSIDB Bzimport <bzimport>
Component: vulnerability
Assignee: Product Security DevOps Team <prodsec-dev>
Status: NEW ---
QA Contact:
Severity: medium
Docs Contact:
Priority: medium
Version: unspecified
CC: aschwart, asoldano, bbaranow, bdettelb, bmaxwell, boliveir, brian.stansberry, cdewolf, darran.lofthouse, dkreling, doconnor, dosoudil, drichtar, eglynn, erack, fjuma, gmalinko, gotiwari, istudens, ivassile, iweiss, janstey, jcantril, jhorak, jjoyce, jkoops, jschluet, lchilton, lgao, lhh, lsvaty, mburns, mgarciac, mosmerov, mposolda, msochure, msvehla, mvyas, nwallace, pdelbell, pdrozd, peholase, periklis, pesilva, pgrist, pjindal, pmackay, pskopek, rmartinc, rojacob, rowaters, rstancel, rstepani, sfeifer, smaestri, ssilvert, sthorger, teagle, tom.jenkinson, tpopela, vmuzikar
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version:
Doc Type: ---
Doc Text:
A flaw was found in the angular package. Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS can allow attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing and negatively affect the application's performance and behavior by using too large or slow-to-load images.
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On: 2363071, 2363072, 2363073, 2363074, 2363077, 2363078, 2363079, 2363080, 2363083, 2363062, 2363063, 2363064, 2363065, 2363066, 2363067, 2363068, 2363069, 2363070, 2363075, 2363076, 2363081, 2363082    
Bug Blocks:    

Description OSIDB Bzimport 2025-04-29 17:01:09 UTC
Improper sanitization of the value of the 'href' and 'xlink:href' attributes in '<image>' SVG elements in AngularJS allows attackers to bypass common image source restrictions. This can lead to a form of Content Spoofing (https://owasp.org/www-community/attacks/Content_Spoofing) and also negatively affect the application's performance and behavior by using too large or slow-to-load images.

This issue affects all versions of AngularJS.

Note:
The AngularJS project is End-of-Life and will not receive any updates to address this issue. For more information see https://docs.angularjs.org/misc/version-support-status.
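The mechanism behind the "bypass of image source restrictions" described above, as an added illustration that is not part of this bug report and is not AngularJS's own sanitizer code: an HTML sanitizer that classifies only `<img src>` as an image URL, while `href` / `xlink:href` on an SVG `<image>` element fall under the broader link-URL policy, lets an attacker load an arbitrary off-site image (the browser fetches an SVG `<image>` just as it fetches an `<img>`). Reclassifying those two attributes as image sources closes the gap. The two URL policies, the CDN host and the attacker URLs are constructed for the demo; the tokenizer is a toy, not a general HTML parser.

```javascript
// Added illustration, not AngularJS code: a toy HTML sanitizer that shows how
// treating only <img src> as an "image URL" (while <image href>/<image xlink:href>
// are checked against the broader link policy) bypasses an image-source
// restriction, and how reclassifying those attributes closes the gap.
//
// Both URL policies are assumptions for the demo: the app allows links to common
// schemes but restricts image sources to its own CDN.
const LINK_URL_POLICY = /^\s*(https?|s?ftp|mailto|tel|file|sms):/i;
const IMAGE_URL_POLICY = /^\s*https:\/\/cdn\.example\.com\//i;

// Attributes whose values are URLs and therefore subject to a policy.
const URI_ATTRS = new Set(['href', 'src', 'xlink:href']);

// Flawed classification: only <img src> is treated as an image source.
function isImageUrlAttrFlawed(tag, attr) {
  return tag === 'img' && attr === 'src';
}

// Hardened classification: SVG <image> loads an image through href or
// xlink:href, so those attributes must pass the image policy too.
function isImageUrlAttrHardened(tag, attr) {
  return (tag === 'img' && attr === 'src') ||
         (tag === 'image' && (attr === 'href' || attr === 'xlink:href'));
}

function urlAllowed(value, isImage) {
  return (isImage ? IMAGE_URL_POLICY : LINK_URL_POLICY).test(value);
}

// Minimal tag/attribute tokenizer for the constructed samples below; it is not
// a general HTML parser (no unquoted values, no '>' inside attribute values).
const TAG_RE = /<(\/?)([a-zA-Z][\w:-]*)([^>]*?)(\/?)>/g;
const ATTR_RE = /([^\s=]+)\s*=\s*"([^"]*)"/g;

// Rebuild each tag, dropping URL attributes that fail the applicable policy.
function sanitize(html, isImageUrlAttr) {
  return html.replace(TAG_RE, (match, close, tag, attrText, selfClose) => {
    tag = tag.toLowerCase();
    if (close) return `</${tag}>`;
    const kept = [];
    for (const [, name, value] of attrText.matchAll(ATTR_RE)) {
      const lname = name.toLowerCase();
      if (URI_ATTRS.has(lname) && !urlAllowed(value, isImageUrlAttr(tag, lname))) {
        continue; // URL rejected by policy: strip the attribute, keep the element
      }
      kept.push(`${lname}="${value}"`);
    }
    return `<${tag}${kept.length ? ' ' + kept.join(' ') : ''}${selfClose ? '/' : ''}>`;
  });
}

// Constructed attacker-controlled markup: the same off-CDN image via <img src>
// (blocked by the image policy) and via SVG <image xlink:href>, plus a plain link.
const SAMPLE =
  '<img src="https://evil.example/huge.png">' +
  '<svg><image xlink:href="https://evil.example/huge.png"/></svg>' +
  '<a href="https://evil.example/">x</a>';

function demo() {
  return {
    flawed: sanitize(SAMPLE, isImageUrlAttrFlawed),     // <image xlink:href> survives
    hardened: sanitize(SAMPLE, isImageUrlAttrHardened), // both image sources stripped
  };
}

console.log(demo());
```

With the flawed classification the `<img>` loses its `src` but the SVG `<image>` keeps its `xlink:href` to the off-CDN host, which is exactly the content-spoofing and oversized/slow-image effect the report describes. Because upstream will not ship a fix, the practical response for an application that cannot leave AngularJS is to make its link-URL policy no broader than its image-URL policy where untrusted HTML is rendered (in AngularJS 1.8 the knobs are `$compileProvider.aHrefSanitizationTrustedUrlList` and `imgSrcSanitizationTrustedUrlList`; older releases use the `*Whitelist` names), or to post-process sanitized output and strip or re-validate `<image>` elements as shown here.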