[JOC-2018] Update @babel runtime version 7.25.0 to 7.27.0 due to 3rd Party Vulnerability issue CVE-2025-27789 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Open (View Workflow)
Priority: Minor
Resolution: Unresolved
Affects Version/s: 2.7.3
Fix Version/s: 2.8.0
Component/s: None
Labels:
None

CVE-ID:
CVE-2025-27789

Description

Current Situation

AngularJS makes use of @babel.runtime 2.25.0 at build time of the JOC Cockpit JS code.
A vulnerability affects this version, see https://nvd.nist.gov/vuln/detail/CVE-2025-27789 .
JOC Cockpit itself is not affected.

Desired Behavior

JOC Cockpit 2.8.0 will be build with a more recent version of AngularJS v.19 which does not make use of the vulnerable 3rd party version.

Attachments

Activity

People

Assignee:: Rahul Patidar

Reporter:: Santiago Aucejo Petzoldt

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 27 March 2025 11:17

Updated:: 27 March 2025 11:17